When an updated firmware for Flex100H updating Tailscale - Security Vulnerability

Options
Gibsonmb
Gibsonmb Posts: 6 image  Freshman Member
First Comment Friend Collector First Anniversary
in Security

The current firmware release for the USG FLEX 100H is V1.36(ABXF.0) released on the 20th October 2025. This contains a version of Tailscale that is know to have a significant security vulnerabilities, making it unsafe to use. That version (1.82.0-3) of Tailscale client is now very old and the current version is 1.92.3. When will there be a new firmware FLEX 100H release updating the Tailscale client, making it safe to use again?

Best Answers

  • Zyxel_Tina
    Zyxel_Tina Posts: 529 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 100 Answers 500 Comments
    Answer ✓

    Hi @Gibsonmb,

    We understand your concern about using an older version with known vulnerabilities. We plan to release V1.37 this month, which includes Tailscale client version 1.90.8. Regarding version 1.90.8, you may refer to this changelog to check which vulnerabilities have been resolved. Please stay tuned to our News & Release section when the firmware becomes available for download.

    Thank you for your understanding and patience!

    Zyxel Tina

  • Zyxel_Tina
    Zyxel_Tina Posts: 529 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 100 Answers 500 Comments
    Answer ✓

    Hi @Gibsonmb,

    When we finalized the firmware plan, Tailscale v1.90.8 was the latest stable release available at that time, so we targeted that version accordingly. Tailscale v1.92.3 came out in mid-December—purely a timing difference after our integration decision was already completed. Therefore, the upcoming v1.37 firmware will include Tailscale v1.90.8.

    Zyxel Tina

All Replies

  • best_heygman
    best_heygman Posts: 18 image  Freshman Member
    Zyxel Certified Network Administrator - Security First Comment Friend Collector

    And which significant security vulnerability would that be?

  • Zyxel_Tina
    Zyxel_Tina Posts: 529 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 100 Answers 500 Comments
    Answer ✓

    Hi @Gibsonmb,

    We understand your concern about using an older version with known vulnerabilities. We plan to release V1.37 this month, which includes Tailscale client version 1.90.8. Regarding version 1.90.8, you may refer to this changelog to check which vulnerabilities have been resolved. Please stay tuned to our News & Release section when the firmware becomes available for download.

    Thank you for your understanding and patience!

    Zyxel Tina

  • Gibsonmb
    Gibsonmb Posts: 6 image  Freshman Member
    First Comment Friend Collector First Anniversary
    https://community.zyxel.com/en/discussion/comment/82516#Comment_82516

    Multiple, I'm not about to amplify it to to others. Read the Tailscale logs.

  • Gibsonmb
    Gibsonmb Posts: 6 image  Freshman Member
    First Comment Friend Collector First Anniversary

    OK, but still well behind the current release of Tailscale.

  • Zyxel_Tina
    Zyxel_Tina Posts: 529 image  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Switch 100 Answers 500 Comments
    Answer ✓

    Hi @Gibsonmb,

    When we finalized the firmware plan, Tailscale v1.90.8 was the latest stable release available at that time, so we targeted that version accordingly. Tailscale v1.92.3 came out in mid-December—purely a timing difference after our integration decision was already completed. Therefore, the upcoming v1.37 firmware will include Tailscale v1.90.8.

    Zyxel Tina

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)