How to solve the issue "ZTP is already enabled" on VPN series?

Options
Zyxel_Emily
Zyxel_Emily Posts: 1,332  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited February 6 in Security

Symptom:

Unable to access the web GUI. Access the web GUI but the page "ZTP is already enabled" appears. The device is on-premises mode and never deployed using ZTP.

Q1. What are the impact model and version for this issue?

Affected model

Affected version

VPN50

5.00 through 5.36(ABHL2)C0

VPN100

5.00 through 5.36(ABFV.2)C0

VPN300

5.00 through 5.36(ABFC.2)C0

VPN1000

5.00 through 5.36(ABIP.2)C0

Q2. What are the vulnerability details?

These issues may be connected to previously addressed CVE vulnerability CVE-2023-33012. Please note that ZLD5.37 Patch 1 (July 2023) is no longer susceptible to the CVE reference: CVE-2023-33012.

Q3. What should I do if "ZTP is already enabled" on VPN series?

Upgrade the affected VPN device to the following recovery version via FTP to unlock ZTP status.

How to update the firmware by FTP?

Q4. What should I do for unaffected VPN devices?

For unaffected VPN devices, make sure they are already upgraded to the latest official version 5.37 Patch 1. In security policy, we also suggest you NOT allow all source addresses to access HTTPS from WAN to ZyWALL. Create another security policy rule to allow trusted source IP address to have the access privilege from WAN to ZyWALL.

Want a FREE Access Point? Participate in our campaign and share your network setup for a chance to win! https://bit.ly/3z9MJPB

All Replies

  • SovSibir
    SovSibir Posts: 4
    First Comment
    Options

    I wonder why you need to download from an unofficial site? There is no such firmware update on the official website.

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,483  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    This issue is not encountered by all devices; therefore, it is not suitable to be placed on the official site for everyone to update.

    Want a FREE Access Point? Participate in our campaign and share your network setup for a chance to win! https://bit.ly/3z9MJPB

Security Highlight