• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
zyxel issues patches for 4 new flaws affecting ap, api

Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller and Firewall Devices

You are here: Home / General Cyber Security News / Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller and Firewall Devices
May 27, 2022

Zyxel has produced patches to deal with four security flaws impacting its firewall, AP Controller, and AP products to execute arbitrary running procedure commands and steal pick details.

The record of security vulnerabilities is as follows –

  • CVE-2022-0734 – A cross-web page scripting (XSS) vulnerability in some firewall variations that could be exploited to entry info saved in the user’s browser, such as cookies or session tokens, via a malicious script.
  • CVE-2022-26531 – Many enter validation flaws in command line interface (CLI) instructions for some variations of firewall, AP controller, and AP devices that could be exploited to induce a technique crash.
  • CVE-2022-26532 – A command injection vulnerability in the “packet-trace” CLI command for some versions of firewall, AP controller, and AP units that could guide to execution of arbitrary OS commands.
  • CVE-2022-0910 – An authentication bypass vulnerability influencing pick out firewall versions that could permit an attacker to downgrade from two-factor authentication to 1-factor authentication by way of an IPsec VPN consumer.

CyberSecurity

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Though Zyxel has released software package patches for firewalls and AP gadgets, hotfix for AP controllers afflicted by CVE-2022-26531 and CVE-2022-26532 can be acquired only by getting in contact with the respective regional Zyxel guidance teams.

The enhancement comes as a critical command injection flaw in pick out variations of Zyxel firewalls (CVE-2022-30525, CVSS score: 9.8) has occur below lively exploitation, prompting the U.S. Cybersecurity and Infrastructure Security Company to insert the bug to its Regarded Exploited Vulnerabilities Catalog.

Found this article exciting? Stick to THN on Facebook, Twitter  and LinkedIn to read extra distinctive articles we publish.


Some components of this write-up are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Report Explores Child’s Data Safety Legislation Across 50 Countries
Next Post: NCSC Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
  • How to Interpret the 2023 MITRE ATT&CK Evaluation Results
  • Iranian Nation-State Actor OilRig Targets Israeli Organizations
  • High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
  • Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
  • Mysterious ‘Sandman’ Threat Actor Targets Telecom Providers Across Three Continents
  • Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
  • The Rise of the Malicious App
  • China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
  • Cyber Group ‘Gold Melody’ Selling Compromised Access to Ransomware Attackers

Copyright © TheCyberSecurity.News, All Rights Reserved.