Fixes in V4.62 (and nothing else noted):
1. Remote Code Execution vulnerability fix.
   Vulnerability Description: These are affected by a CGI vulnerability by the improper input sanitization of HTTP requests. It could allow Hackers to perform remote code execution via OS command injection.
   Affected Version: ZLD V4.35 and above
2. Buffer Overflow vulnerability fix.
   Vulnerability Description: The buffer overflow vulnerability causes a program to overwrite a memory block, so the system might be unstable or terminate abnormally.
   Affected Version: ZLD V4.30 and above

Recommended Action: Users are advised to upgrade to the latest firmware (ZLD4.62) or hotfix immediately for optimal protection.

Thank you for choosing ZyWALL ATP and USG FLEX series. Zyxel is committed to continuously updating your devices for the most advanced features.
FYI: I have updated two USGFlex 500s with no issues. Another person I know did the same with a USG 110.
https://businessforum.zyxel.com/discussion/9701/more-security-fixes-in-v4-62-for-v4-30-and-greater#latest