Zyxel backdoor found
-
Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
The username and password (zyfwp/PrOw!aN_fXp) were visible in one of the Zyxel firmware binaries
More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel.
-
At least it wasn't admin / admin.
-
Never heard of or seen these before. Are they only used mostly in Asia? Seems like a smaller company.
-
@Obsolesce said in Zyxel backdoor found:
Never heard of or seen these before. Are they only used mostly in Asia? Seems like a smaller company.
They are absolutely all over the place. Low cost at retail means just about all consumers have at least 1 Zyxel branded product somewhere.
Their "business" branded products are all about junk like their cheap consumer stuff, so not seeing their stuff isn't a surprise to me.
-
@Obsolesce said in Zyxel backdoor found:
Never heard of or seen these before. Are they only used mostly in Asia? Seems like a smaller company.
Just because it is not Microsoft, you have not heard of it....
-
@Obsolesce said in Zyxel backdoor found:
Never heard of or seen these before. Are they only used mostly in Asia? Seems like a smaller company.
Seen them a lot, especially with the "Budget" ISPs.
We also had them in 60 odd stores for the MPLS connections.
-
A number of their products are OEM to ISPs and other manufacturers. We have a DSL backup circuit using an OEM Zyxel router. Will be disconnected on Monday as we don't need it.
-
@Obsolesce said in Zyxel backdoor found:
Never heard of or seen these before. Are they only used mostly in Asia? Seems like a smaller company.
They are bigger in Asia, but they are all over the US. We run into them from time to time. More than we see D-Link, for example, but less than TP-Link. But five years ago, I'd have put them in front of TP-Link and behind D-Link.
-
@hobbit666 said in Zyxel backdoor found:
We also had them in 60 odd stores for the MPLS connections.
Why would you pay for MPLS (at all, first of all), let alone from someone using Zyxel equipment? MPLS is crazy legacy, but meant solely for business, Zyxel is consumer for "consumers who don't know what they are buying." If my MPLS vendor said that they used that, that contract would be over right there on the spot.
And now you see why ;) What was the point of deploying MPLS where there was a hard-coded password to all of your systems!
-
@jt1001001 said in Zyxel backdoor found:
A number of their products are OEM to ISPs and other manufacturers. We have a DSL backup circuit using an OEM Zyxel router. Will be disconnected on Monday as we don't need it.
That's because DSL stands for Don't need that Shit any Longer.
-
@scottalanmiller said in Zyxel backdoor found:
@jt1001001 said in Zyxel backdoor found:
A number of their products are OEM to ISPs and other manufacturers. We have a DSL backup circuit using an OEM Zyxel router. Will be disconnected on Monday as we don't need it.
That's because DSL stands for Don't need that Shit any Longer.
I'm using DSL right now, but we're right next to the COLAC, so we actually see 80mbps/20mbps. Our only other option is a cable company that would cost 3x more due to such low caps (Armstrong).