Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Security researchers have discovered a hardcoded admin-level backdoor account on more than 100,000 Zyxel firewalls, VPN gateways, and access point controllers. The account can grant attackers root access via the web administration panel or the SSH interface, making it a critical threat to consumers. The backdoor account was discovered by researchers working for Eye Control.
The vulnerability is considered to rank among the worst flaws that can exist within an application or software. Device owners are urged to update their systems as soon as possible to mitigate any risks posed by the vulnerability. Security experts warn that ransomware gangs and hacking groups could abuse the backdoor account to access vulnerable devices and launch additional harmful attacks. Affected models of Zyxel’s top products include the Advanced Threat Protection firewall, the Unified Security Gateway hybrid firewall and VPN gateway, and the VPN series.