USG110 - FW v4.72 - different vulnerabilities solved (or not?)
Just reading the feature log of the latest FW patch v4.72. It's listing the following vulnerabilities which have been dealt with:
CVE-2022-0778
CVE-2022-0342
CVE-2021-44224
So far so good. But your latest security advisory of today ( https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml ) is listing the following v4.71 vulnerabilities, which should be mitigated by v4.72, too:
CVE-2022-26531
CVE-2022-26532
CVE-2022-0910
Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0
All Replies
-
As a personal opinion, these vulnerabilities are not yet mitigated/solved into 4.72.Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0 -
Hi @USG_User
We're sorry for the confusion
This vulnerability has been fixed aggressively into regular release but we did not disclose it since the official disclosure time has not been aligned with the researcher at that moment. In the meantime, we also updated device what's new with CVE info afterward, expected users getting real time notice from device directly.
Here it is the what's new content:
0
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight