USG110 - FW v4.72 - different vulnerabilities solved (or not?)
Options
Just reading the feature log of the latest FW patch v4.72. It's listing the following vulnerabilities which have been dealt with:
CVE-2022-0778
CVE-2022-0342
CVE-2021-44224
So far so good. But your latest security advisory of today ( https://www.zyxel.com/support/multiple-vulnerabilities-of-firewalls-AP-controllers-and-APs.shtml ) is listing the following v4.71 vulnerabilities, which should be mitigated by v4.72, too:
CVE-2022-26531
CVE-2022-26532
CVE-2022-0910
Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0
All Replies
-
As a personal opinion, these vulnerabilities are not yet mitigated/solved into 4.72.Why nothing of these vulnerabilities is written about in the v4.72 feature log?
0 -
Hi @USG_User
We're sorry for the confusion
This vulnerability has been fixed aggressively into regular release but we did not disclose it since the official disclosure time has not been aligned with the researcher at that moment. In the meantime, we also updated device what's new with CVE info afterward, expected users getting real time notice from device directly.
Here it is the what's new content:
0
Categories
- All Categories
- 383 Beta Program
- 2.1K Nebula
- 116 Nebula Ideas
- 80 Nebula Status and Incidents
- 5.1K Security
- 76 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 907 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 209 Service & License
- 335 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 1.9K FAQ
- 890 Nebula FAQ
- 415 Security FAQ
- 233 Switch FAQ
- 203 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 137 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 73 About Community
- 62 Security Highlight