Your browser either does not support JavaScript or you have turned JavaScript off.

Zyxel statement for the TR-064 protocol implementation in CPEs

The issue

TR-064 LAN-side CPE configuration bound to the TR-069 CPE WAN Management Protocol (CWMP) interface through TCP port 7547. With malicious practice in place, unauthorized users could access or alter the device’s LAN configuration from the WAN-side using TR-064 protocol.

Zyxel is aware of the issue and assures customers that we are handling the issue with top priority. We have conducted a thorough investigation and found that the root cause of this issue lies with the Econet/Linux and LiNOS platforms. Zyxel has identified the susceptible models, as listed in Table 1 below.


The solution

Will be implemented to discard TR-064 packets from the WAN side to keep the devices protected.

For users whose devices not supplied by a Service Provider, Zyxel recommends you upgrade to the latest available firmware available on Zyxel Support Center for maximum protection.


As a good security practice, Zyxel also strongly recommends all users take the following steps to maximize protection against cyber threats:

1. Change device administration password as well as the Wi-Fi SSID/password

2. Increase password strength. Long and complex passwords are harder to crack



Click here to see how to upgrade your device firmware and here to see how to change your device password. If you have any issues with the procedures, please contact us at routersupport@zyxel.com.tw

Please contact your local service or sales representatives if you require any further assistance.


Table 1.

Model Applicable Region Applicable Countries Firmware Patch and Download Links
AMG1001-T10A Europe Nordic countries V1.00(AAJL.2)D0
All other European countries V1.00(AAJL.2)C0
AMG1202-T10A Europe UK V1.00(AAAM.3)D0
Ireland V1.00(AAAM.3)F0
AMG1202-T10B Europe Sweden + Finland V2.00(AAFN.17)E0
All other European countries V2.00(AAFN.17)C0
Africa South Africa V2.00(AAFN.17)H0
Asia Thailand V2.00(AAQP.4b1)_G0
India V2.00(AAQP.4b1)_K0
Middle-East UAE V2.00(AAQP.4b1)_V0
Central America Central America countries V2.00(AAFN.17)D0
AMG1302-T10A Europe UK V1.00(AABK.3)D0
AMG1302-T10B Europe UK V2.00(AAJC.16)I0
All other European countries V2.00(AAJC.16)C0
Asia Thailand V2.00(AARX.1b5)_G0
Central America Central America countries V2.00(AAJC.16)D0
South America Argentina V2.00(AAJC.16)D0
AMG1302-T11C Europe Sweden + Finland V3.00(ABCG.8)E0
UK V3.00(ABCG.8)I0
All other European countries V3.00(ABCG.8)C0
Africa South Africa V3.00(ABCG.8)H0
Central America Central America countries V3.00(ABCG.8)D0
AMG1312-T10B Europe Sweden + Finland V2.00(AAFP.12)E0
All other European countries V2.00(AAFP.12)C0
Africa South Africa V2.00(AAFP.12)H0
Asia Thailand V2.00(AAQF.2b10)_G0
India V2.00(AAFP.12)C0
Middle-East UAE V2.00(AAQF.2b10)