First published: Tue Sep 10 2024(Updated: )
An insufficient entropy vulnerability caused by the improper use of a randomness function with low entropy for web authentication tokens generation exists in the Zyxel GS1900-10HP firmware version V2.80(AAZI.0)C0. This vulnerability could allow a LAN-based attacker a slight chance to gain a valid session token if multiple authenticated sessions are alive.
Credit: security@zyxel.com.tw
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
Zyxel Gs1900-48hpv2 Firmware | <2.80\(abtq.1\)c0 | |
Zyxel Gs1900-48hpv2 | ||
All of | ||
Zyxel Gs1900-48 Firmware | <2.80\(aahn.1\)c0 | |
Zyxel GS1900-48 | ||
All of | ||
Zyxel Gs1900-24hpv2 Firmware | <2.80\(abtp.1\)c0 | |
Zyxel Gs1900-24hpv2 | ||
All of | ||
Zyxel Gs1900-24ep Firmware | <2.80\(abto.1\)c0 | |
Zyxel GS1900-24EP | ||
All of | ||
Zyxel Gs1900-24e Firmware | <=2.80\(aahk.1\)c0 | |
Zyxel GS1900-24E | ||
All of | ||
Zyxel Gs1900-24 Firmware | <=2.80\(aahl.1\)c0 | |
Zyxel GS1900-24 | ||
All of | ||
Zyxel Gs1900-16 Firmware | <2.80\(aahj.1\)c0 | |
Zyxel Gs1900-16 | ||
All of | ||
Zyxel GS1900-10HP firmware | <2.80\(aazi.1\)c0 | |
Zyxel GS1900-10HP | ||
All of | ||
Zyxel Gs1900-8hp Firmware | <2.80\(aahi.1\)c0 | |
Zyxel Gs1900-8hp | ||
All of | ||
Zyxel GS1900-8 firmware | <2.80\(aahh.1\)c0 | |
Zyxel GS1900-8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.