Zyxel Security Advisory for WiFi Simple Config Buffer Overflow Vulnerabilities

CVE: CVE-2021-35392, CVE-2021-35393

 

Summary

Zyxel is aware of two buffer overflow vulnerabilities in the WiFi Simple Config of Realtek’s Software Development Kit (SDK) for WiFi products and will release patches for the vulnerable products on the market. Users are advised to install the applicable firmware updates for optimal protection.

 

What is the vulnerability?

The first vulnerability is a stack buffer overflow that is present due to unsafe parsing of the UPnP SUBSCRIBE/UNSUBSCRIBE Callback header. The second vulnerability is a heap buffer overflow that is present due to unsafe crafting of SSDP NOTIFY messages from received M-SEARCH messages.

 

What versions are vulnerable—and what should you do?

After a thorough investigation, we’ve identified the vulnerable products that are within their warranty and support period and will release firmware patches to address the issues, as shown in the table below.

Affected model

Patch availability

WAP6804

V1.00 (ABKH.9)C0 in end of Oct. 2021*

NBG6615

V1.00(ABMV.6)C0 in middle of Nov. 2021

NBG-418N v2

V1.00(AARP.11)C0 in end of Nov. 2021

WAP3205 v3

V2.00(ABDM.5)C0 in end of Nov. 2021

*Please reach out to your local Zyxel support team for the file.

 

Please note that the P-330W, X150N, NBG-2105, NBG-416N, and NBG-418N models mentioned in a report by IoT Inspector entered end-of-life years previously; therefore, firmware updates are no longer provided for them. We recommend that users with these models replace them with newer-generations products, which typically come with improved designs that better suit current applications.

Articles in this section

Was this article helpful?
0 out of 1 found this helpful
Share