Zyxel statement for the TR-064 protocol implementation in CPEs
- Homepage
- Support
- Announcements
- Zyxel statement for the TR-064 protocol implementation in CPEs
The issue
TR-064 LAN-side CPE configuration bound to the TR-069 CPE WAN Management Protocol (CWMP) interface through TCP port 7547. With malicious practice in place, unauthorized users could access or alter the device's LAN configuration from the WAN-side using TR-064 protocol.
Zyxel is aware of the issue and assures customers that we are handling the issue with top priority. We have conducted a thorough investigation and found that the root cause of this issue lies with one of our chipset providers, Econet, with chipsets RT63365 and MT7505 with SDK version #7.3.37.6 and #7.3.119.1 v002 respectively.
Zyxel has identified the susceptible models within their warranty and support period, as listed in Table 1.
The solution
Will be implemented to discard TR-064 packets from the WAN side to keep the devices protected.
For users whose devices not supplied by a Service Provider, Zyxel recommends you upgrade to the latest available firmware available on Zyxel Support Center for maximum protection.
Table 1. Susceptible models
ModelSolution available byDownload linkFirmware Upgrade Procedure
AMG1202-T10B Now
AMG1302-T10B Now
AMG1302-T11C Now
AMG1312-T10B Now
Please contact your local service or sales representatives if you require any further assistance.