Print Page - Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways

Title: Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Post by: icecream-guy on January 04, 2021, 08:13:17 AM

https://www.zdnet.com/article/backdoor-account-discovered-in-more-than-100000-zyxel-firewalls-vpn-gateways/

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel.

Title: Re: Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Post by: deanwebb on January 04, 2021, 10:13:21 AM

Just what we ALL needed, another hardcoded admin account...

Title: Re: Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Post by: Dieselboy on January 04, 2021, 09:17:28 PM

Hahaha funny joke, Zyxel! :eek:

... Cue the shodan searches to find them.

Title: Re: Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Post by: icecream-guy on January 05, 2021, 03:33:12 PM

Quote from: Dieselboy on January 04, 2021, 09:17:28 PM
Hahaha funny joke, Zyxel! :eek:

... Cue the shodan searches to find them.

They already posted the u/p in the sub heading in the article

Title: Re: Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Post by: wintermute000 on January 06, 2021, 03:54:04 AM

I just assume its all internet of shit unless its a properly configured enterprise-grade FW and even then they have their zero-days like everyone else

Title: Re: Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Post by: deanwebb on January 06, 2021, 01:58:17 PM

The "S" in "IoT" stands for "Security". :smug:

Networking-Forums.com

Professional Discussions => Security => Topic started by: icecream-guy on January 04, 2021, 08:13:17 AM