Multiple vulnerabilities in Zyxel WiFi products
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 3 |
| CVE-ID | CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 |
| CWE-ID | CWE-20 CWE-451 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software |
WAH7706 Hardware solutions / Routers for home users LTE4506-M606 Hardware solutions / Routers for home users XMG8825-B50A Hardware solutions / Routers for home users XMG3927-B50A Hardware solutions / Routers for home users VMG8825-T50K Hardware solutions / Routers for home users VMG8825-Bx0B Hardware solutions / Routers for home users VMG8825-B50A_B60A Hardware solutions / Routers for home users VMG8623-T50B Hardware solutions / Routers for home users VMG3927-T50K Hardware solutions / Routers for home users VMG3927-B50B Hardware solutions / Routers for home users VMG3927-B50A_B60A Hardware solutions / Routers for home users VMG3625-T50B Hardware solutions / Routers for home users VMG1312-T20B Hardware solutions / Routers for home users EX5510-B0 Hardware solutions / Routers for home users EMG6726-B10A Hardware solutions / Routers for home users EMG5723-T50K Hardware solutions / Routers for home users EMG5523-T50B Hardware solutions / Routers for home users EMG3525-T50B Hardware solutions / Routers for home users EX3510-B0 Hardware solutions / Routers for home users VMG4927-B50A Hardware solutions / Routers for home users USG60W Hardware solutions / Firmware USG40W Hardware solutions / Firmware WX3310-B0 Hardware solutions / Firmware WRE6605 Hardware solutions / Firmware WRE6602 Hardware solutions / Firmware WRE6505 v2 Hardware solutions / Firmware WRE2206 Hardware solutions / Firmware WAP6806 Hardware solutions / Firmware WAP6804 Hardware solutions / Firmware WAP3205 v3 Hardware solutions / Firmware NWD6605 Hardware solutions / Firmware NWD6602 Hardware solutions / Firmware NWD6505 Hardware solutions / Firmware NBG7815 (Armor G5) Hardware solutions / Firmware NBG6818 (Armor G1) Hardware solutions / Firmware NBG6817 (Armor Z2) Hardware solutions / Firmware NBG6615 Hardware solutions / Firmware NBG6604 Hardware solutions / Firmware NBG6515 Hardware solutions / Firmware NBG-418N v2 Hardware solutions / Firmware WSR30 (Multy U) Hardware solutions / Firmware WSQ60 (Multy Plus) Hardware solutions / Firmware WSQ50 (Multy X) Hardware solutions / Firmware WSQ20 (Multy Mini) Hardware solutions / Firmware AX7501-B0 Hardware solutions / Firmware WAH7608 Hardware solutions / Firmware WAH7601 Hardware solutions / Firmware LTE5388-M804 Hardware solutions / Firmware LTE5366 Hardware solutions / Firmware LTE3316-M604(v2) Hardware solutions / Firmware LTE3316-M604(v1) Hardware solutions / Firmware LTE3302-M432 Hardware solutions / Firmware LTE3301-PLUS Hardware solutions / Firmware LTE3301-M209 Hardware solutions / Firmware LTE3202-M437 Hardware solutions / Firmware LTE3202-M430 Hardware solutions / Firmware LTE2566 Hardware solutions / Firmware PMG5705-T10A Hardware solutions / Firmware P-660HN-51 Hardware solutions / Firmware EMG3425-Q10A Hardware solutions / Firmware USG20W-VPN Hardware solutions / Firmware USG FLEX 100W Hardware solutions / Firmware ATP100W Hardware solutions / Firmware WAX650S Hardware solutions / Firmware WAX610D Hardware solutions / Firmware WAX510D Hardware solutions / Firmware WAC6553D-E Hardware solutions / Firmware WAC6552D-S Hardware solutions / Firmware WAC6503D-S Hardware solutions / Firmware WAC6502D-S Hardware solutions / Firmware WAC6502D-E Hardware solutions / Firmware WAC6103D-I Hardware solutions / Firmware WAC500H Hardware solutions / Firmware WAC500 Hardware solutions / Firmware NWA5123-AC Hardware solutions / Firmware NWA210AX Hardware solutions / Firmware NWA1302-AC Hardware solutions / Firmware NWA1123ACv3 Hardware solutions / Firmware NWA1123-ACv2 Hardware solutions / Firmware NWA1123AC PRO Hardware solutions / Firmware NWA110AX Hardware solutions / Firmware NR7101 Hardware solutions / Firmware NR5101 Hardware solutions / Firmware NR2101 Hardware solutions / Firmware LTE7490-M904 Hardware solutions / Firmware LTE7485-S905 Hardware solutions / Firmware LTE7480-S905 Hardware solutions / Firmware LTE7480-M804 Hardware solutions / Firmware LTE7461-M602 Hardware solutions / Firmware LTE7240-M403 Hardware solutions / Firmware LTE5388-S905 Hardware solutions / Firmware PMG5622GA Hardware solutions / Firmware PMG5617GA Hardware solutions / Firmware PMG5317-T20B Hardware solutions / Firmware VMG9827-B50A Hardware solutions / Firmware EX5501-B0 Hardware solutions / Firmware EMG8726-B50A Hardware solutions / Firmware EMG1702-T10A Hardware solutions / Firmware DX4510-B0 Hardware solutions / Firmware EMG3524-T10A Hardware solutions / Firmware WAC6303D-S Hardware solutions / Firmware WAC5302D-Sv2 Hardware solutions / Firmware WAC5302D-S Hardware solutions / Firmware NWA5123-AC HD Hardware solutions / Firmware NWA1123-AC HD Hardware solutions / Firmware |
| Vendor | ZyXEL Communications Corp. |
Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU53154
Risk: Low
CVSSv4.0: 2.3 [CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-24586
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists in the 802.11 standard due to the affected device does not clear its cache/memory to remove fragments of an incomplete MSDU/MMPDU from previous session after reconnection/reassociation. A remote attacker on the local network can perform a fragment cache attack and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWAH7706: All versions
LTE4506-M606: All versions
USG60W: All versions
USG40W: All versions
WX3310-B0: before 1.00(ABSF.2)C0
WRE6605: All versions
WRE6602: All versions
WRE6505 v2: All versions
WRE2206: All versions
WAP6806: All versions
WAP6804: All versions
WAP3205 v3: All versions
NWD6605: All versions
NWD6602: All versions
NWD6505: All versions
NBG7815 (Armor G5): All versions
NBG6818 (Armor G1): All versions
NBG6817 (Armor Z2): All versions
NBG6615: All versions
NBG6604: All versions
NBG6515: All versions
NBG-418N v2: All versions
WSR30 (Multy U): All versions
WSQ60 (Multy Plus): All versions
WSQ50 (Multy X): All versions
WSQ20 (Multy Mini): All versions
AX7501-B0: All versions
WAH7608: All versions
WAH7601: All versions
LTE5388-M804: All versions
LTE5366: All versions
LTE3316-M604(v2): All versions
LTE3316-M604(v1): All versions
LTE3302-M432: All versions
LTE3301-PLUS: All versions
LTE3301-M209: All versions
LTE3202-M437: All versions
LTE3202-M430: All versions
LTE2566: All versions
PMG5705-T10A: All versions
P-660HN-51: All versions
EMG3425-Q10A: All versions
USG20W-VPN: All versions
USG FLEX 100W: All versions
ATP100W: All versions
WAX650S: All versions
WAX610D: All versions
WAX510D: All versions
WAC6553D-E: All versions
WAC6552D-S: All versions
WAC6503D-S: All versions
WAC6502D-S: All versions
WAC6502D-E: All versions
WAC6103D-I: All versions
WAC500H: All versions
WAC500: All versions
NWA5123-AC: All versions
NWA210AX: All versions
NWA1302-AC: All versions
NWA1123ACv3: All versions
NWA1123-ACv2: All versions
NWA1123AC PRO: All versions
NWA110AX: All versions
NR7101: before 1.00(ABUV.4)C0
NR5101: before 1.00(ABVC.3)C0
NR2101: before 1.00(ABUS.5)C0
LTE7490-M904: before 1.00(ABQY.3)C0
LTE7485-S905: before 1.00(ABVN.5)C0
LTE7480-S905: before 2.00(ABQT.5)C0
LTE7480-M804: before 1.00(ABRA.3)C0
LTE7461-M602: before 2.00(ABQN.4)C0
LTE7240-M403: before 2.00(ABMG.4)C0
LTE5388-S905: before 1.00(ABVI.5)C0
PMG5622GA: before 5.40(ABNB.2)
PMG5617GA: before 5.40(ABNA.2)
PMG5317-T20B: before 5.40(ABKI.4)
XMG8825-B50A: before 5.17(ABMT.6)C0
XMG3927-B50A: before 5.17(ABMT.6)C0
VMG9827-B50A: before 5.13(ABLY.6)C0
VMG8825-T50K: before 5.50(ABOM.7)C0
VMG8825-Bx0B: before 5.17(ABNY.7)C0
VMG8825-B50A_B60A: before 5.17(ABMT.6)C0
VMG8623-T50B: before 5.50(ABPM.6)C0
VMG3927-T50K: before 5.50(ABOM.7)C0
VMG3927-B50B: before 5.13(ABLY.6)C0
VMG3927-B50A_B60A: before 5.17(ABMT.6)C0
VMG3625-T50B: before 5.50(ABPM.6)C0
VMG1312-T20B: before 5.50(ABSB.5)C0
EX5510-B0: before 5.15(ABQX.5)C0
EX5501-B0: before 5.17(ABRY.2)C0
EMG8726-B50A: before 5.13(ABNP.6)C0
EMG6726-B10A: before 5.13(ABNP.6)C0
EMG5723-T50K: before 5.50(ABOM.7)C0
EMG5523-T50B: before 5.50(ABSL.0)C0
EMG1702-T10A: before 1.00(ABNZ.1)C0
DX4510-B0: before 5.17(ABYL.0)C0
EMG3525-T50B: before 5.50(ABSL.0)C0
EMG3524-T10A: before 5.41(ABXU.1)C0
WAC6303D-S: before 6.25(ABGL.0)
WAC5302D-Sv2: before 6.25(ABVZ.0)
WAC5302D-S: before 6.25(ABFH.8)
NWA5123-AC HD: before 6.25(ABIM.0)
NWA1123-AC HD: before 6.25(ABIN.0)
EX3510-B0: before V5.17(ABUP.3)C0
VMG4927-B50A: before V5.13(ABLY.6)C0
CPE2.3- cpe:2.3:h:zyxel_communications_corp:wah7706:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte4506-m606:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg60w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg40w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wx3310-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6605:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6505_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre2206:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap6806:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap6804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap3205_v3:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6605:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6505:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg7815_armor_g5:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6818_armor_g1:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6817_armor_z2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6615:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6604:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6515:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg-418n_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsr30_multy_u:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq60_multy_plus:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq50_multy_x:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq20_multy_mini:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ax7501-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wah7608:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wah7601:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5388-m804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5366:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3316-m604_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3316-m604_v1:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3302-m432:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3301-plus:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3301-m209:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3202-m437:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3202-m430:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte2566:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5705-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:p-660hn-51:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3425-q10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg20w-vpn:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg_flex_100w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:atp100w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax650s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax610d:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax510d:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6553d-e:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6552d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6503d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6502d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6502d-e:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6103d-i:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac500h:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac500:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa5123-ac:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa210ax:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1302-ac:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123acv3:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123-acv2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123ac_pro:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa110ax:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr7101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr5101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr2101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7490-m904:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7485-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7480-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7480-m804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7461-m602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7240-m403:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5388-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5622ga:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5617ga:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5317-t20b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:xmg8825-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:xmg3927-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg9827-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-bx0b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-b50a_b60a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8623-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-b50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-b50a_b60a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3625-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg1312-t20b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex5510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex5501-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg8726-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg6726-b10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg5723-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg5523-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg1702-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:dx4510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3525-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3524-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6303d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac5302d-sv2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac5302d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa5123-ac_hd:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123-ac_hd:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex3510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg4927-b50a:*:*:*:*:*:*:*:*
https:
https://www.zyxel.com/support/Zyxel_security_advisory_for_FragAttacks_against_WiFi_products.shtml
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Information disclosure
EUVDB-ID: #VU53096
Risk: Low
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-24587
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application in Windows Wireless Networking. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWAH7706: All versions
LTE4506-M606: All versions
USG60W: All versions
USG40W: All versions
WX3310-B0: before 1.00(ABSF.2)C0
WRE6605: All versions
WRE6602: All versions
WRE6505 v2: All versions
WRE2206: All versions
WAP6806: All versions
WAP6804: All versions
WAP3205 v3: All versions
NWD6605: All versions
NWD6602: All versions
NWD6505: All versions
NBG7815 (Armor G5): All versions
NBG6818 (Armor G1): All versions
NBG6817 (Armor Z2): All versions
NBG6615: All versions
NBG6604: All versions
NBG6515: All versions
NBG-418N v2: All versions
WSR30 (Multy U): All versions
WSQ60 (Multy Plus): All versions
WSQ50 (Multy X): All versions
WSQ20 (Multy Mini): All versions
AX7501-B0: All versions
WAH7608: All versions
WAH7601: All versions
LTE5388-M804: All versions
LTE5366: All versions
LTE3316-M604(v2): All versions
LTE3316-M604(v1): All versions
LTE3302-M432: All versions
LTE3301-PLUS: All versions
LTE3301-M209: All versions
LTE3202-M437: All versions
LTE3202-M430: All versions
LTE2566: All versions
PMG5705-T10A: All versions
P-660HN-51: All versions
EMG3425-Q10A: All versions
USG20W-VPN: All versions
USG FLEX 100W: All versions
ATP100W: All versions
WAX650S: All versions
WAX610D: All versions
WAX510D: All versions
WAC6553D-E: All versions
WAC6552D-S: All versions
WAC6503D-S: All versions
WAC6502D-S: All versions
WAC6502D-E: All versions
WAC6103D-I: All versions
WAC500H: All versions
WAC500: All versions
NWA5123-AC: All versions
NWA210AX: All versions
NWA1302-AC: All versions
NWA1123ACv3: All versions
NWA1123-ACv2: All versions
NWA1123AC PRO: All versions
NWA110AX: All versions
NR7101: before 1.00(ABUV.4)C0
NR5101: before 1.00(ABVC.3)C0
NR2101: before 1.00(ABUS.5)C0
LTE7490-M904: before 1.00(ABQY.3)C0
LTE7485-S905: before 1.00(ABVN.5)C0
LTE7480-S905: before 2.00(ABQT.5)C0
LTE7480-M804: before 1.00(ABRA.3)C0
LTE7461-M602: before 2.00(ABQN.4)C0
LTE7240-M403: before 2.00(ABMG.4)C0
LTE5388-S905: before 1.00(ABVI.5)C0
PMG5622GA: before 5.40(ABNB.2)
PMG5617GA: before 5.40(ABNA.2)
PMG5317-T20B: before 5.40(ABKI.4)
XMG8825-B50A: before 5.17(ABMT.6)C0
XMG3927-B50A: before 5.17(ABMT.6)C0
VMG9827-B50A: before 5.13(ABLY.6)C0
VMG8825-T50K: before 5.50(ABOM.7)C0
VMG8825-Bx0B: before 5.17(ABNY.7)C0
VMG8825-B50A_B60A: before 5.17(ABMT.6)C0
VMG8623-T50B: before 5.50(ABPM.6)C0
VMG3927-T50K: before 5.50(ABOM.7)C0
VMG3927-B50B: before 5.13(ABLY.6)C0
VMG3927-B50A_B60A: before 5.17(ABMT.6)C0
VMG3625-T50B: before 5.50(ABPM.6)C0
VMG1312-T20B: before 5.50(ABSB.5)C0
EX5510-B0: before 5.15(ABQX.5)C0
EX5501-B0: before 5.17(ABRY.2)C0
EMG8726-B50A: before 5.13(ABNP.6)C0
EMG6726-B10A: before 5.13(ABNP.6)C0
EMG5723-T50K: before 5.50(ABOM.7)C0
EMG5523-T50B: before 5.50(ABSL.0)C0
EMG1702-T10A: before 1.00(ABNZ.1)C0
DX4510-B0: before 5.17(ABYL.0)C0
EMG3525-T50B: before 5.50(ABSL.0)C0
EMG3524-T10A: before 5.41(ABXU.1)C0
WAC6303D-S: before 6.25(ABGL.0)
WAC5302D-Sv2: before 6.25(ABVZ.0)
WAC5302D-S: before 6.25(ABFH.8)
NWA5123-AC HD: before 6.25(ABIM.0)
NWA1123-AC HD: before 6.25(ABIN.0)
EX3510-B0: before V5.17(ABUP.3)C0
VMG4927-B50A: before V5.13(ABLY.6)C0
CPE2.3- cpe:2.3:h:zyxel_communications_corp:wah7706:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte4506-m606:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg60w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg40w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wx3310-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6605:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6505_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre2206:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap6806:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap6804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap3205_v3:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6605:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6505:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg7815_armor_g5:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6818_armor_g1:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6817_armor_z2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6615:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6604:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6515:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg-418n_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsr30_multy_u:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq60_multy_plus:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq50_multy_x:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq20_multy_mini:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ax7501-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wah7608:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wah7601:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5388-m804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5366:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3316-m604_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3316-m604_v1:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3302-m432:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3301-plus:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3301-m209:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3202-m437:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3202-m430:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte2566:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5705-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:p-660hn-51:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3425-q10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg20w-vpn:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg_flex_100w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:atp100w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax650s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax610d:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax510d:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6553d-e:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6552d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6503d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6502d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6502d-e:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6103d-i:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac500h:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac500:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa5123-ac:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa210ax:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1302-ac:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123acv3:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123-acv2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123ac_pro:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa110ax:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr7101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr5101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr2101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7490-m904:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7485-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7480-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7480-m804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7461-m602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7240-m403:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5388-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5622ga:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5617ga:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5317-t20b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:xmg8825-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:xmg3927-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg9827-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-bx0b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-b50a_b60a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8623-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-b50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-b50a_b60a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3625-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg1312-t20b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex5510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex5501-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg8726-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg6726-b10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg5723-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg5523-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg1702-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:dx4510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3525-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3524-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6303d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac5302d-sv2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac5302d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa5123-ac_hd:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123-ac_hd:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex3510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg4927-b50a:*:*:*:*:*:*:*:*
https:
https://www.zyxel.com/support/Zyxel_security_advisory_for_FragAttacks_against_WiFi_products.shtml
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Spoofing attack
EUVDB-ID: #VU53098
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-24588
CWE-ID:
CWE-451 - User Interface (UI) Misrepresentation of Critical Information (Clickjacking, spoofing)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in Windows Wireless Networking. A remote attacker on the local network can spoof page content.
MitigationInstall updates from vendor's website.
Vulnerable software versionsWAH7706: All versions
LTE4506-M606: All versions
USG60W: All versions
USG40W: All versions
WX3310-B0: before 1.00(ABSF.2)C0
WRE6605: All versions
WRE6602: All versions
WRE6505 v2: All versions
WRE2206: All versions
WAP6806: All versions
WAP6804: All versions
WAP3205 v3: All versions
NWD6605: All versions
NWD6602: All versions
NWD6505: All versions
NBG7815 (Armor G5): All versions
NBG6818 (Armor G1): All versions
NBG6817 (Armor Z2): All versions
NBG6615: All versions
NBG6604: All versions
NBG6515: All versions
NBG-418N v2: All versions
WSR30 (Multy U): All versions
WSQ60 (Multy Plus): All versions
WSQ50 (Multy X): All versions
WSQ20 (Multy Mini): All versions
AX7501-B0: All versions
WAH7608: All versions
WAH7601: All versions
LTE5388-M804: All versions
LTE5366: All versions
LTE3316-M604(v2): All versions
LTE3316-M604(v1): All versions
LTE3302-M432: All versions
LTE3301-PLUS: All versions
LTE3301-M209: All versions
LTE3202-M437: All versions
LTE3202-M430: All versions
LTE2566: All versions
PMG5705-T10A: All versions
P-660HN-51: All versions
EMG3425-Q10A: All versions
USG20W-VPN: All versions
USG FLEX 100W: All versions
ATP100W: All versions
WAX650S: All versions
WAX610D: All versions
WAX510D: All versions
WAC6553D-E: All versions
WAC6552D-S: All versions
WAC6503D-S: All versions
WAC6502D-S: All versions
WAC6502D-E: All versions
WAC6103D-I: All versions
WAC500H: All versions
WAC500: All versions
NWA5123-AC: All versions
NWA210AX: All versions
NWA1302-AC: All versions
NWA1123ACv3: All versions
NWA1123-ACv2: All versions
NWA1123AC PRO: All versions
NWA110AX: All versions
NR7101: before 1.00(ABUV.4)C0
NR5101: before 1.00(ABVC.3)C0
NR2101: before 1.00(ABUS.5)C0
LTE7490-M904: before 1.00(ABQY.3)C0
LTE7485-S905: before 1.00(ABVN.5)C0
LTE7480-S905: before 2.00(ABQT.5)C0
LTE7480-M804: before 1.00(ABRA.3)C0
LTE7461-M602: before 2.00(ABQN.4)C0
LTE7240-M403: before 2.00(ABMG.4)C0
LTE5388-S905: before 1.00(ABVI.5)C0
PMG5622GA: before 5.40(ABNB.2)
PMG5617GA: before 5.40(ABNA.2)
PMG5317-T20B: before 5.40(ABKI.4)
XMG8825-B50A: before 5.17(ABMT.6)C0
XMG3927-B50A: before 5.17(ABMT.6)C0
VMG9827-B50A: before 5.13(ABLY.6)C0
VMG8825-T50K: before 5.50(ABOM.7)C0
VMG8825-Bx0B: before 5.17(ABNY.7)C0
VMG8825-B50A_B60A: before 5.17(ABMT.6)C0
VMG8623-T50B: before 5.50(ABPM.6)C0
VMG3927-T50K: before 5.50(ABOM.7)C0
VMG3927-B50B: before 5.13(ABLY.6)C0
VMG3927-B50A_B60A: before 5.17(ABMT.6)C0
VMG3625-T50B: before 5.50(ABPM.6)C0
VMG1312-T20B: before 5.50(ABSB.5)C0
EX5510-B0: before 5.15(ABQX.5)C0
EX5501-B0: before 5.17(ABRY.2)C0
EMG8726-B50A: before 5.13(ABNP.6)C0
EMG6726-B10A: before 5.13(ABNP.6)C0
EMG5723-T50K: before 5.50(ABOM.7)C0
EMG5523-T50B: before 5.50(ABSL.0)C0
EMG1702-T10A: before 1.00(ABNZ.1)C0
DX4510-B0: before 5.17(ABYL.0)C0
EMG3525-T50B: before 5.50(ABSL.0)C0
EMG3524-T10A: before 5.41(ABXU.1)C0
WAC6303D-S: before 6.25(ABGL.0)
WAC5302D-Sv2: before 6.25(ABVZ.0)
WAC5302D-S: before 6.25(ABFH.8)
NWA5123-AC HD: before 6.25(ABIM.0)
NWA1123-AC HD: before 6.25(ABIN.0)
EX3510-B0: before V5.17(ABUP.3)C0
VMG4927-B50A: before V5.13(ABLY.6)C0
CPE2.3- cpe:2.3:h:zyxel_communications_corp:wah7706:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte4506-m606:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg60w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg40w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wx3310-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6605:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre6505_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wre2206:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap6806:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap6804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wap3205_v3:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6605:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwd6505:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg7815_armor_g5:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6818_armor_g1:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6817_armor_z2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6615:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6604:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg6515:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nbg-418n_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsr30_multy_u:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq60_multy_plus:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq50_multy_x:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wsq20_multy_mini:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ax7501-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wah7608:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wah7601:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5388-m804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5366:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3316-m604_v2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3316-m604_v1:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3302-m432:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3301-plus:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3301-m209:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3202-m437:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte3202-m430:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte2566:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5705-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:p-660hn-51:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3425-q10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg20w-vpn:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:usg_flex_100w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:atp100w:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax650s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax610d:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wax510d:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6553d-e:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6552d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6503d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6502d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6502d-e:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6103d-i:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac500h:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac500:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa5123-ac:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa210ax:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1302-ac:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123acv3:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123-acv2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123ac_pro:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa110ax:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr7101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr5101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nr2101:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7490-m904:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7485-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7480-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7480-m804:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7461-m602:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte7240-m403:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:lte5388-s905:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5622ga:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5617ga:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:pmg5317-t20b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:xmg8825-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:xmg3927-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg9827-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-bx0b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8825-b50a_b60a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg8623-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-b50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3927-b50a_b60a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg3625-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg1312-t20b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex5510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex5501-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg8726-b50a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg6726-b10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg5723-t50k:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg5523-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg1702-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:dx4510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3525-t50b:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:emg3524-t10a:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac6303d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac5302d-sv2:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:wac5302d-s:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa5123-ac_hd:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:nwa1123-ac_hd:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:ex3510-b0:*:*:*:*:*:*:*:*
- cpe:2.3:h:zyxel_communications_corp:vmg4927-b50a:*:*:*:*:*:*:*:*
https:
https://www.zyxel.com/support/Zyxel_security_advisory_for_FragAttacks_against_WiFi_products.shtml
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
