CVE-2022-34746

Name of the Vulnerable Software and Affected Versions Zyxel GS1900 series firmware versions prior to V2.70

Description An insufficient entropy issue, caused by the improper use of randomness sources with low entropy for RSA key pair generation, affects the web administration interface. This could allow an unauthenticated attacker to retrieve a private key by factoring the RSA modulus N in the certificate.

Recommendations For Zyxel GS1900 series firmware versions prior to V2.70, update to version V2.70 or later to resolve the issue. As a temporary workaround, consider restricting access to the web administration interface until the update can be applied.