Metrics
Affected Vendors & Products
Solution
ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, NAS542, ATP100, ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200, VPN50, VPN100, VPN300, VPN1000, ZyWALL110, ZyWALL310, and ZyWALL1100 devices.
Workaround
Block access to the ZyXEL device web interface: This issue can be mitigated by blocking (for example with a firewall) access to the web interface (80/tcp and 443/tcp) of any vulnerable ZyXEL device. Any machine that can access the ZyXEL web interface should not also be able to access the internet. Restrict access to vulnerable ZyXEL devices: Direct exploitation of this vulnerability can be mitigated by restricting access to vulnerable devices. In particular, do not expose such devices directly to the internet. Note however, that it is still possible for attackers to exploit devices that are not directly connected to the internet. For example, by way of viewing a web page.
Fri, 07 Feb 2025 13:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
kev
|

Status: PUBLISHED
Assigner: certcc
Published:
Updated: 2025-07-30T01:45:47.503Z
Reserved: 2020-02-18T00:00:00.000Z
Link: CVE-2020-9054

Updated: 2024-08-04T10:19:19.559Z

Status : Analyzed
Published: 2020-03-04T20:15:10.750
Modified: 2025-03-21T19:50:32.680
Link: CVE-2020-9054

No data.

No data.