When you have some Zyxel in your network, it’s time to update of firmware

Currently reading
When you have some Zyxel in your network, it’s time to update of firmware

jeyare

Subscriber
1,767
581

Zyxel devices (Gateways, Firewalls, VPN modules,...), specially in SOHO or SME segment devices, have serious problem based on:
The vulnerability stems from Zyxel devices containing an undocumented account (called zyfwp) that has an unchangeable password – which can be found in cleartext in the firmware
and what is even worse:
As the zyfwp user has admin privileges, this is a serious vulnerability. An attacker could completely compromise the confidentiality, integrity and availability of the device.
at the source side you can find the firmware hardcoded password for the admin user.

here is complete research report :
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending threads

Top