Unauthenticated Access to DNS Server in Zyxel NBG7510 Firmware

Unauthenticated Access to DNS Server in Zyxel NBG7510 Firmware

CVE-2022-38546 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode.

Learn more about our Cis Benchmark Audit For Server Software.