Hackers are exploiting a backdoor built into Zyxel devices. Are you patched?

Dan Goodin

from Ars Technica - All content on 2021-01-04 22:10 (#5CD7X)

Hackers are attempting to exploit a recently discovered backdoor built into multiple Zyxel device models that hundreds of thousands of individuals and businesses use as VPNs, firewalls, and wireless access points.

The backdoor comes in the form of an undocumented user account with full administrative rights that's hardcoded into the device firmware, a researcher from Netherlands-based security firm Eye Control recently reported. The account, which uses the username zyfwp, can be accessed over either SSH or through a Web interface.

A serious vulnerability

The researcher warned that the account put users at considerable risk, particularly if it were used to exploit other vulnerabilities such as Zerologon, a critical Windows flaw that allows attackers to instantly become all-powerful network administrators.

Read 9 remaining paragraphs | Comments

index?i=qpgi8xqAslw:EXZQgEUJkZc:V_sGLiPB

index?i=qpgi8xqAslw:EXZQgEUJkZc:F7zBnMyn

Source	RSS or Atom Feed
Feed Location	http://feeds.arstechnica.com/arstechnica/index
Feed Title	Ars Technica - All content
Feed Link	https://arstechnica.com/