Your browser either does not support JavaScript or you have turned JavaScript off.

Zyxel security advisory for dnsmasq vulnerabilities

Google has recently found multiple security vulnerabilities affecting Dnsmasq version 2.77 and earlier, as identified in US-CERT vulnerability note VU#973527 with CVE IDs below:


Zyxel has identified a list of products vulnerable to the issue(s), as shown in table 1 below. We are now deploying or backporting the latest version of Dnsmasq (V2.78) into these products, and the patch firmware schedule is included in table 1.


Table 1

Product Series/Model Patch firmware versionAvailability
DSL CPE AMG1302-T11C ABCG12C0 Feb 2018
VMG1312-B10A AAJZ14C0 Jan 2018
VMG1312-B10D V5.13(AAXA.7) Dec 2017
VMG1312-B30A AATO9C0 Jan 2018
VMG3312-T series ABFX1C0 Dec 2017
VMG3625-T series ABIE0C0 Oct 2017
VMG3925-B10B AAVF10C0 Dec 2017
VMG3926-B10A AAVF10C0 Dec 2017
VMG5313-B10B V5.13(AAYY.6) Dec 2017
VMG8823-B50B V5.13(ABEJ.2) Dec 2017
VMG8823-B60B V5.13(ABEJ.2) Dec 2017
VMG8924-B10A
VMG8324-B10A
AAKL20C0 Jan 2018
VMG8924-B10D V5.13(ABGQ.1) Dec 2017
VMG8924-B30A AAPQ14C0 Jan 2018
VMG8924-B30D V5.13(ABGP.1) Jan 2018
XMG3512-B series ABDR1C0 Dec 2017
DSL CPE (Gemini) Gateway 400 6.38.2.10.03 13-Oct 2017
Speedlink 5501/6501 4.38.2.10.06 13-Oct 2017
Speedlink 5502 7.39.2.01.00 27-Oct 2017
VMG5304 8.39.3 27-Oct 2017
VMG8029 10.39.3 20-Oct 2017
VMG8546 9.39.3 20-Oct 2017
Ethernet gateway EMG2306 V1.00(AAJM.5)C0 Dec 2017
EMG2926 V1.00(AAVK.6)C0 Oct 2017
EMG3425 V1.00(AAYJ.11)C0 Dec 2017
GPON ONT PMG5317-T20A To be updated To be updated
PMG5317-T20B To be updated To be updated
Home router NBG6515 V1.00(AXS.5)C0 Feb 2018
NBG6604 V1.00(ABIR.2)C0 Jan 2018
NBG6617 V1.00(ABCT.6)C0 Dec 2017
NBG6815 V1.00(ABBP.7)C0 Feb 2018
NBG6816 V1.00(AAWB.10)C0 Dec 2017
NBG6817 V1.00(ABCS.8)C0 Jan 2018
LTE CPE LTE4506-M606 V1.00(ABDO.3)C0 15-Dec 2017
LTE7410 V2.60(ABAW.6)C0 Feb 2018
LTE7460 V1.00(ABFR.4)C0 20-Dec 2017
WAH7706 V1.00(ABBC.8)C0 22-Dec 2017
WiFi system WSQ50 V1.00(ABKJ.2)C0 Dec 2017
Wireless extender WAP6806 V1.00(ABAL.6)C0 18-Feb 2018

Please contact your local service representatives if you require further information or assistance. To report a vulnerability, please contact security@zyxel.com.tw


[References]

  1. Google disclosure https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html
  2. US-CERT vulnerability note https://www.kb.cert.org/vuls/id/973527