Network Security·Vulnerabilities

Hardcoded Credentials Expose Zyxel Firewalls and WLAN Controllers to Remote Attacks

Several Zyxel firewall and WLAN controller products contain hardcoded credentials for an undocumented user account that has admin privileges. Identified by EYE security researcher Niels Teusink, the vulnerability exists because the password for the “zyfwp” user account was stored in plaintext and was visible in one of the binaries on the system. The post Hardcoded Credentials Expose Zyxel Firewalls and WLAN Controllers to Remote Attacks appeared first on SecurityWeek.

f
𝕏
R

Several Zyxel firewall and WLAN controller products contain hardcoded credentials for an undocumented user account that has admin privileges.

Identified by EYE security researcher Niels Teusink, the vulnerability exists because the password for the “zyfwp” user account was stored in plaintext and was visible in one of the binaries on the system.

Latest News

TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
T-Mobile Sets the Record Straight on Latest Data Breach Filing
North Korean Hackers Drain $285 Million From Drift in 10 Seconds
Critical Vulnerability in Claude Code Emerges Days After Source Leak

Publisher