More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.
threatpost.com
Zyxel devices (Gateways, Firewalls, VPN modules, ...), especially SOHO or SME segment devices, have a serious problem based on:
And what is even worse:
The vulnerability stems from Zyxel devices containing an undocumented account (called zyfwp) that has an unchangeable password – which can be found in cleartext in the firmware.
At the source side you can find the firmware hardcoded password for the admin user.
As the zyfwp user has admin privileges, this is a serious vulnerability. An attacker could completely compromise the confidentiality, integrity and availability of the device.
Here is the complete research report:
Niels Teusink, Senior Cyber Security Specialist at EYE, explains how he found an undocumented user account in Zyxel security appliances.
www.eyecontrol.nl