Developers: | Zyxel Communications |
Date of the premiere of the system: | 2020/11/16 |
Last Release Date: | 2023/02/01 |
Technology: | Routers (routers) |
Main article: Routers (global market)
2023: Addressing Four Vulnerabilities
The company Zyxel eliminated four vulnerabilities discovered by expert Positive Technologies Nikita Abramov in several episodes -. Wi-Firouters The equipment also uses technology 4G to 5G work with operator networks. cellular communications Positive Technologies announced this on February 1, 2023.
Vulnerable routers can be used in homes, in corporate environments, as well as in remote units and at production facilities. In addition, the found and closed vulnerabilities also affected other Zyxel network devices: optical network terminals, Internet gateways, Wi-Fi amplifiers.
Errors were detected in the following devices:
- 4G LTE CPE routers: LTE3202-M437, LTE3316-M604, LTE7480-M804, LTE490-M904;
- 5G NR routers: NR5103, NR5103E, NR7101, NR7102, NR7103;
- optical network terminals (PM7320-B0, etc.), Internet gateways (EX5510-B0, etc.), Wi-Fi amplifiers (WX3100-T0, etc.).
Among the discovered vulnerabilities, the greatest interest was the CVE-2022-43389 error (score 8.6 on the CVSS v3.0 scale) associated with a buffer overflow on the stack, - said Nikita Abramov. - It did not require authentication and led to the execution of arbitrary code on the device. Thus, an attacker could gain remote access to the device and fully control the process of its operation. In particular, transmitted traffic was under threat. In addition, there was a risk of denial of service, which potentially allowed to leave the end object of the infrastructure without communication. |
Two other vulnerabilities allowed an attacker to implement system commands on behalf of an authenticated user (CVE-2022-43391, score 7.1, and CVE-2022-43392, score 7.1). On the vulnerable device, you could execute some system commands by sending HTTP a request. Another vulnerability (CVE-2022-43390, score 5.4) is associated, like the first, with a buffer overflow. At the time of the study, Zyxel's vulnerable devices could be detected using, search engines mainly REPUBLIC OF SOUTH AFRICA in and. countries Europe
According to the researcher, many vulnerabilities associated with buffer overflows occur when memory is malfunctioning, its size and distribution, or at the parsing stage, and when data commands are implemented, some special characters are not filtered. Very often, such errors appear due to the inattention of the developer or due to insufficient testing. To eliminate them, you need to use the tools for analyzing and testing the source code at the development stage.
To fix vulnerabilities, you should update the firmware of your device according to the manufacturer's recommendations described in the security notice. The company emphasizes that on most devices prone to these errors, access to the wide area network is disabled by default, which provides additional protection.
2020: NR7101, NR5101 и NR2101
On November 16, 2020, Zyxel announced the availability of a line of its 5G-enabled products, which began mass production in the second quarter of 2020.
According to the company, as of November 2020, customers require a high-speed connection To the Internet to with minimal transmission delays. data However, some home users do not have access to the broadband link. With the help of Zyxel products based on 5G technology, broadband scalable services and high-speed connection to have become available, as well To the Internet as the ability to optimize safety the network infrastructure and increase the flexibility of its deployment.
Zyxel offers a portfolio of 5G products for outdoor, indoor and travel use, including:
- 5G Street Router (NR7101)
- 5G Room Router (NR5101)
- 5G Portable Router (NR2101)
With these Zyxel devices, you can provide broadband Internet access anywhere. Combined with Wi-Fi 6 technology, Zyxel 5G solutions provide the right quality of high-speed Wi-Fi without dead spots for consumers.
Together with Zyxel 5G solutions, a mobile application is supplied that simplifies the configuration of routers and their connection to the network. This mobile application optimizes deployment and eliminates the need for a service engineer to leave to configure subscriber equipment. Users can also use mobile apps to find where 5G signal is best received and install their router there.
NR7101, NR5101 and NR2101 are available for order through official Zyxel distributors in Russia and the CIS.