Zyxel · Zyxel Gs1900 · CVE-2022-34746
**Name of the Vulnerable Software and Affected Versions**
Zyxel GS1900 series firmware versions prior to V2.70
**Description**
An insufficient entropy issue, caused by the improper use of randomness sources with low entropy for RSA key pair generation, affects the web administration interface. This could allow an unauthenticated attacker to retrieve a private key by factoring the RSA modulus N in the certificate.
**Recommendations**
For Zyxel GS1900 series firmware versions prior to V2.70, update to version V2.70 or later to resolve the issue. As a temporary workaround, consider restricting access to the web administration interface until the update can be applied.