Router VMG8623-T50B remote access

zd59

My ISP give me access point/router Zyxel VMG8623-T50B, Firmware Version V5.50(ACDV.0)b4_E0_20240315.

As I wish to secure it as much as possible, I run to a serious problem:
The APs HTTP/HTTPS access is possible from my LAN (needed to manage it) and ALSO from internet site (WAN). So anybody can access it by brute force guess credentials.
The configuration setup is only enabling LAN access, so WAN access should be disabled.
I append a screenshot of that config. How come WAN access is working and Remote management setting show it is disabled?
Is there a bug in a firmware, or I misunderstood something?

Help needed.

Zyxel_remote_mgmt.png

bahecz44120

Check wiht your ISP about it. Also explain to them in more details of how you see the WAN side is accesible with proof of accessing HTTP/HTTPS from WAN. I would suggest that you can work with your ISP to do troubleshooting on this case and aks if they have other firmware that could do more test about it.

zd59

Hello.

Separation between WAN and LAN is a router feature NOT ISP job!

When I disable HTTP(S) WAN access on a router, it MUST be implemented on it.

All previously ISP routers I had in all my home Internet history (from beginning of that era) have implemented that feature. Disabling HTTP(S) WAN access worked when selected in a routers settings. No ISP intervention was involved.

When this feature of a router is not implemented in its firmware IS THIS A VERY SERIOUS SECURITY THREAT.

Zyxel must be aware of that and HAVE TO FIX IT BY A HIGHEST PRIORITY!!

I'm working in IT industry over 40 years, so do not try to swindle me. I know, the field.