![cve 2017 14491 zyxel firmware update cve 2017 14491 zyxel firmware update](https://support.zyxel.eu/hc/article_attachments/4402982446482/5snlixu6b3tq.png)
Following the advice given, my smarthub shows a dnsmasq of 2.76, which Avast would suggest makes it vulnerable:
![cve 2017 14491 zyxel firmware update cve 2017 14491 zyxel firmware update](https://i.ytimg.com/vi/OhRfAhpSuG0/maxresdefault.jpg)
Since I originally posted, Avast have added this information to their forums. We also advise you not to visit suspicious websites or run software from questionable sources.
CVE 2017 14491 ZYXEL FIRMWARE UPDATE UPDATE
If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer. The issue was fixed in DnsMasq software version 2.78, released in October 2017. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device - your device login/password combination, your Wi-Fi password, and your configuration data.Īny device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. Reference: CVE-2017-14491 | Google Security Blog We have identified the following problem with your router or Wi-Fi hotspot device:DnsMasq heap buffer overflow vulnerability