https://www.zyxel.com/support/DNSpooq.shtmlSummary
Zyxel will release patches for products affected by the Dnsmasq vulnerabilities reported by CERT/CC. Users are advised to install the applicable firmware updates or follow the best practices for optimal protection.
What is the vulnerability?
Dnsmasq, open-source software that provides DNS forwarding and caching, has two sets of vulnerabilities, as listed below. Dubbed as DNSpooq, these vulnerabilities could allow an attacker to corrupt memory on the target device and perform cache poisoning attacks against the target environment.
Memory corruption vulnerabilities due to boundary checking errors in DNSSEC handling code. (CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, and CVE-2020-25687)
DNS response validation vulnerabilities that can result in DNS cache poisoning. (CVE-2020-25684, CVE-2020-25685, and CVE-2020-25686)
This is a interesting read
