Zyxel security advisory for buffer overflow vulnerabilities in some 5G NR CPE, DSL/Ethernet CPE, Fiber ONT, and Wi-Fi extender devices

CVE: CVE-2024-5412

Summary

Zyxel has released patches for some 5G NR CPE, DSL/Ethernet CPE, Fiber ONT, and Wi-Fi extender devices affected by a buffer overflow vulnerability. Users are advised to install them for optimal protection.

 

What is the vulnerability?

The buffer overflow vulnerability in the library "libclinkc" of some 5G NR CPE, DSL/Ethernet CPE, Fiber ONT, and Wi-Fi extender devices could allow an unauthenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device.

 

What versions are vulnerable—and what should you do?

After a thorough investigation, we’ve identified the vulnerable products that are within their vulnerability support period and released patches to address the vulnerabilities, as shown in the tables below.

ProductAffected modelAffected versionPatch availability*
5G NR CPENR51034.19(ABYC.5)C0 and earlier4.19(ABYC.6)C0*
NR5103EV21.00 (ACIQ.0)C0 and earlier1.00(ACIQ.1)C0*
NR53071.00(ACJT.0)B5 and earlier1.00(ACJT.0)B6*
NR71031.00(ACCZ.3)C0 and earlier1.00(ACCZ.4)C0*
NR73021.00(ACHA.3)C0 and earlier1.00(ACHA.4)C0*
NR73031.00(ACEI.1)B3 and earlier1.00(ACEI.1)B4*
NR75011.00(ACEH.1)B2 and earlier1.00(ACEH.1)C0*
DSL/Ethernet CPEDX3300-T05.50(ABVY.5)C0 and earlier5.50(ABVY.5.3)C0*
DX3300-T15.50(ABVY.5)C0 and earlier5.50(ABVY.5.3)C0*
DX3301-T05.50(ABVY.5)C0 and earlier5.50(ABVY.5.3)C0*
DX4510-B05.17(ABYL.6)C0 and earlier5.17(ABYL.7)B2*
DX5401-B05.17(ABYO.6)C0 and earlier5.17(ABYO.6.2)C0*
DX5401-B15.17(ABYO.6)C0 and earlier5.17(ABYO.6.2)C0*
EX3300-T05.50(ABVY.5)C0 and earlier5.50(ABVY.5.3)C0*
EX3300-T15.50(ABVY.5)C0 and earlier5.50(ABVY.5.3)C0*
EX3301-T05.50(ABVY.5)C0 and earlier5.50(ABVY.5.3)C0*
EX3500-T05.44(ACHR.1)C0 and earlier5.44(ACHR.2)C0*
EX3501-T05.44(ACHR.1)C0 and earlier5.44(ACHR.2)C0*
EX3510-B05.17(ABUP.11)C0 and earlier5.17(ABUP.12)B2*
EX5401-B05.17(ABYO.6)C0 and earlier5.17(ABYO.6.2)C0*
EX5401-B15.17(ABYO.6)C0 and earlier5.17(ABYO.6.2)C0*
EX5510-B05.17(ABQX.9)C0 and earlier5.17(ABQX.10)B2*
EX5512-T05.70(ACEG.3)C1 and earlier5.70(ACEG.3)C2*
EX5601-T05.70(ACDZ.3)C0 and earlier5.70(ACDZ.3.2)C0*
EX5601-T15.70(ACDZ.3)C0 and earlier5.70(ACDZ.3.2)C0*
EX7501-B05.18(ACHN.1)C0 and earlier5.18(ACHN.1.2)C0*
EX7710-B05.18(ACAK.1)C0 and earlier5.18(ACAK.1)C1*
EMG3525-T50B5.50(ABPM.9)C0 and earlier5.50(ABPM.9.2)C0*
EMG5523-T50B5.50(ABPM.9)C0 and earlier5.50(ABPM.9.2)C0*
EMG5723-T50K5.50(ABOM.8)C0 and earlier5.50(ABOM.8.4)C0*
VMG3625-T50B5.50(ABPM.9)C0 and earlier5.50(ABPM.9.2)C0*
VMG3927-T50K5.50(ABOM.8)C0 and earlier5.50(ABOM.8.4)C0*
VMG4005-B50A5.15(ABQA.2)C0 and earlier5.15(ABQA.2.2)C0*
VMG4005-B60A5.15(ABQA.2)C0 and earlier5.15(ABQA.2.2)C0*
VMG8623-T50B5.50(ABPM.9)C0 and earlier5.50(ABPM.9.2)C0*
VMG8825-T50K5.50(ABOM.8)C0 and earlier
Customized: 5.50(ABPY.1)b24 and earlier		5.50(ABOM.8.4)C0*
Customized: 5.50(ABPY.1)b25*
Fiber ONTAX7501-B05.17(ABPC.5)C0 and earlier5.17(ABPC.5.2)C0*
AX7501-B15.17(ABPC.5)C0 and earlier5.17(ABPC.5.2)C0*
PM3100-T05.42(ACBF.2)C0 and earlier5.42(ACBF.2.1)C0*
PM5100-T05.42(ACBF.2)C0 and earlier5.42(ACBF.2.1)C0*
PM7300-T05.42(ABYY.2.1)C0 and earlier5.42(ABYY.2.2)C0*
PX3321-T15.44(ACJB.0)Z0 and earlier5.44(ACJB.0.2)Z0*
Wi-Fi extenderWX3100-T05.50(ABVL.4.1)C0 and earlier5.50(ABVL.4.2)C0*
WX3401-B05.17(ABVE.2.4)C0 and earlier5.17(ABVE.2.5)C0*
WX5600-T05.70(ACEB.3)C0 and earlier5.70(ACEB.3.2)C0*

* Please contact your Zyxel sales representative or support team to obtain the file.

Please note that the table does NOT include customized models specifically designed for ISP customers.

 

Got a question?

For our ISP customers, please contact your Zyxel sales or service representatives for more information. For customers who have acquired Zyxel devices through an ISP, please directly contact your ISP's support team, as the devices may have custom configurations.

 

Acknowledgment

Thanks to Dawid Kulikowski for reporting the issue to us.

 

Revision history

2024-9-3: Initial release