Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways

Found on ZD Net on Saturday, 02 January 2021

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel.

Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the "zyfwp" username and the "PrOw!aN_fXp" password.

It's hard to believe that this was just a stupid accident, since the account in question required a patch to remove it.