Summary
Zyxel is aware of a CRLF injection vulnerability in legacy USG100, USG200, USG300, USG20W, USG20, and USG50 firewalls. Since all of the affected models have reached end-of-vulnerability support, users are advised to replace them with newer-generation models for optimal protection.
What is the vulnerability?
The CRLF injection vulnerability is due to improper input sanitization in the CGI program of some legacy Zyxel firewalls. This flaw could be used to conduct malicious attacks, such as cross-site scripting (XSS) and web cache poisoning.
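The mechanism behind the advisory, as an added illustration that is not Zyxel's code: a CGI handler that copies a request parameter into a response header without checking it lets an attacker-supplied CR LF pair terminate that header line and start another, which is what makes XSS and cache poisoning possible. The block below contrasts that vulnerable pattern with a hardened header builder that rejects control characters, parses the resulting response the way a browser or cache would, and includes a small access-log check for CR/LF in request URIs. The parameter name "lang", the "/cgi-bin/example.cgi" path and the sample values are constructed assumptions.

```python
from urllib.parse import unquote


class HeaderInjectionError(ValueError):
    """Raised when a header value would break out of its own line."""


# Constructed sample inputs (not from the advisory). A CGI program receives the
# query string already percent-decoded, so %0d%0a arrives as real CR LF bytes.
BENIGN_PARAM = "en"
CRLF_PARAM = unquote("en%0d%0aX-Injected:%20yes")


def build_response_unsafe(lang: str, body: str = "ok") -> bytes:
    """Vulnerable pattern: a request parameter is copied into a header unchecked."""
    head = (
        "HTTP/1.1 200 OK\r\n"
        f"Set-Cookie: lang={lang}\r\n"
        "Content-Type: text/html\r\n"
        "\r\n"
    )
    return (head + body).encode("utf-8")


def safe_header_value(value: str) -> str:
    """Reject CR, LF and any other control character before the value is
    placed on a header line; silently stripping them is a weaker alternative."""
    if any(ord(ch) < 0x20 or ch == "\x7f" for ch in value):
        raise HeaderInjectionError(f"control character in header value: {value!r}")
    return value


def build_response_safe(lang: str, body: str = "ok") -> bytes:
    """Hardened pattern: the same response, but the value is validated first."""
    lang = safe_header_value(lang)
    head = (
        "HTTP/1.1 200 OK\r\n"
        f"Set-Cookie: lang={lang}\r\n"
        "Content-Type: text/html\r\n"
        "\r\n"
    )
    return (head + body).encode("utf-8")


def parse_headers(raw: bytes) -> dict[str, list[str]]:
    """Split a raw response the way a browser or caching proxy would and
    return its headers; an injected line shows up as an extra header."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    headers: dict[str, list[str]] = {}
    for line in head.split(b"\r\n")[1:]:  # skip the status line
        name, _, value = line.partition(b": ")
        headers.setdefault(name.decode("utf-8"), []).append(value.decode("utf-8"))
    return headers


def request_has_crlf(uri: str) -> bool:
    """Detection helper for access logs: True when a logged request URI carries
    a raw or percent-encoded CR/LF. One decode pass is enough for singly
    encoded URIs; repeat it if the device logs double-encoded requests."""
    decoded = unquote(uri)
    return "\r" in decoded or "\n" in decoded


if __name__ == "__main__":
    # Hypothetical path and parameter, used only to exercise the functions.
    print(parse_headers(build_response_unsafe(CRLF_PARAM)))
    try:
        build_response_safe(CRLF_PARAM)
    except HeaderInjectionError as exc:
        print("rejected:", exc)
    print(request_has_crlf("/cgi-bin/example.cgi?lang=en%0d%0aX-Injected:%20yes"))
```

With the constructed CRLF value, the unsafe builder yields a response whose parsed headers contain an extra `X-Injected` entry, while the safe builder raises before any byte is emitted. Rejecting rather than stripping is the better default on an embedded device: it surfaces the attempt in the error path instead of quietly producing a subtly different header.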
What versions are vulnerable—and what should you do?
After a thorough investigation, we’ve identified only some legacy firewalls as being affected. The affected models, USG20, USG20W, USG50, USG100, USG200, and USG300, reached end-of-vulnerability-support many years ago. In accordance with industry product life cycle management practices, Zyxel advises customers to replace these legacy products with newer-generation models.
Got a question?
Please contact our Support Team.
Acknowledgment
Thanks to Darren & Pedro from CipherTechs for reporting the issue to us.
Revision history
2022-06-07: Initial release