Router VMG8623-T50B remote access

zd59
zd59 Posts: 4  Freshman Member
First Comment

My ISP give me access point/router Zyxel VMG8623-T50B, Firmware Version V5.50(ACDV.0)b4_E0_20240315.


As I wish to secure it as much as possible, I run to a serious problem:
The APs HTTP/HTTPS access is possible from my LAN (needed to manage it) and ALSO from internet site (WAN). So anybody can access it by brute force guess credentials.
The configuration setup is only enabling LAN access, so WAN access should be disabled.
I append a screenshot of that config. How come WAN access is working and Remote management setting show it is disabled?
Is there a bug in a firmware, or I misunderstood something?

Help needed.

All Replies

  • bahecz44120
    bahecz44120 Posts: 62  Ally Member
    First Answer First Comment

    Check wiht your ISP about it. Also explain to them in more details of how you see the WAN side is accesible with proof of accessing HTTP/HTTPS from WAN. I would suggest that you can work with your ISP to do troubleshooting on this case and aks if they have other firmware that could do more test about it.

  • zd59
    zd59 Posts: 4  Freshman Member
    First Comment

    Hello.

    Separation between WAN and LAN is a router feature NOT ISP job!

    When I disable HTTP(S) WAN access on a router, it MUST be implemented on it.

    All previously ISP routers I had in all my home Internet history (from beginning of that era) have implemented that feature. Disabling HTTP(S) WAN access worked when selected in a routers settings. No ISP intervention was involved.

    When this feature of a router is not implemented in its firmware IS THIS A VERY SERIOUS SECURITY THREAT.

    Zyxel must be aware of that and HAVE TO FIX IT BY A HIGHEST PRIORITY!!

    I'm working in IT industry over 40 years, so do not try to swindle me. I know, the field.

Consumer Product Help Center