Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw
More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover.
threatpost.com
Zyxel devices (Gateways, Firewalls, VPN modules, ...), especially in SOHO or SME segment devices, have a serious problem based on:
and what is even worse:
The vulnerability stems from Zyxel devices containing an undocumented account (called zyfwp) that has an unchangeable password – which can be found in cleartext in the firmware.
At the source side you can find the firmware hardcoded password for the admin user.
As the zyfwp user has admin privileges, this is a serious vulnerability. An attacker could completely compromise the confidentiality, integrity and availability of the device.
Here is the complete research report:
Undocumented user account in Zyxel products (CVE-2020-29583) | EYE
Zyxel is a popular brand for firewalls that are marketed towards small and medium businesses. Their Unified Security Gateway (USG) product line is often used as a firewall or VPN gateway. As a lot of us are working from home, VPN-capable devices have been selling quite well lately.
www.eyecontrol.nl