CVE-2022-38546

Name of the Vulnerable Software and Affected Versions Zyxel NBG7510 versions prior to V1.00(ABZY.3)C0

Description The issue is related to a DNS misconfiguration in the Zyxel NBG7510 firmware, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode. This is due to insufficient access control.

Recommendations For versions prior to V1.00(ABZY.3)C0, update the firmware to V1.00(ABZY.3)C0 or later to resolve the issue. As a temporary workaround, consider restricting access to the AP mode until the update is applied.