Security gaps were discovered in older firewalls from the network supplier Zyxel, which the manufacturer does not want to fix due to the end of support for the devices. This can be remedied by replacing it with newer devices, i.e. buying hardware of a newer generation.
In a security advisory, Zyxel warns that the vulnerable devices have a so-called CRLF injection vulnerability. This allows attackers to inject a line break character into HTTP requests, for example, which malicious actors could misuse in specific cases for cross-site scripting (XSS) or web cache poisoning, among other things.
Users behind old Zyxel firewall at risk
Both types of attack could allow attackers to foist malicious HTML or malicious scripts on users in the network behind the firewall. The error is based on the fact that the CGI programs, which, among other things, evaluate the parameters passed in HTTP requests, do not adequately filter user input in the old Zyxel firewalls. The manufacturer does not give any further details.
According to Zyxel, the firewalls are affected USG100, USG200, USG300, USG20W, USG20 and USG50. According to the manufacturer, these have reached end-of-vulnerability support. Some of the devices are more than 15 years old. However, since they are advertised for use in companies with branch networks in particular, such outdated hardware could still do their work there undetected and thus open up security gaps in the network.
IT managers should check whether such old hardware is still lying dormant in their networks. They should replace them with devices that are still supported by the manufacturer and receive security updates.
To home page
#Vulnerabilities #outdated #Zyxel #firewalls #Buy #fix