The most popular VPN offerings have been discovered with a major security vulnerability.
This got confirmed with an admin-level backdoor account that has been found by security personnel at Dutch firm Eye Control. This account could grant attackers root access to Zyxel’s VPN services’ users.
Moreover, it could also allow attackers to access firewalls and point controllers that have to be managed by the firm.
Zyxel system binaries operating firmware with version 4.60, patch 0 has the capability to make backdoor account username and password visible in a clear plain text.
The credentials that have been shown allowed an individual to perform root access to the Zyxel device. Apart from this also allowed to work on both web interface access portal and on the SSH.
A senior cybersecurity expert at Eye Control, Niels Teusink says that user having an admin-level permit is undoubtedly a serious vulnerability. This could totally risk the intimacy, integrity and also device availability to attackers.
For example, someone with this level of access can easily change the entire firewall settings and allow or block certain traffic as per the need.
The access isn’t limited here, they could even preclude traffic or create fresh VPN accounts to access the desired network from the device back anonymously.
He further added that integrated with a vulnerability like Zerologon this access grant could show a devastating result to businesses on a medium or small scale.
Fixes on the way-
Eye Control complete research says that total around 100,000 Zyxel devices is found to be affected by the vulnerability.
More in the report it says that affected Zyxel products mostly include the Advanced Threat Protection (ATP) series of devices.
What’s more, if attackers create a VPN to access any network from device background, any idea? Share your views in the comments below.