VMG1312-B30A security issue hidden user

baba
baba Posts: 48  Freshman Member
edited May 1 in Security
Hello,

i found a hidden user z*** with passwort *** on VMG1312-B30A in factory settings. Why this user exists at default config and has such easy password? The user has access to reboot the device etc and is a security issue.

Best,
baba

All Replies

  • YeK
    YeK Posts: 134  Ally Member
    Hi @baba,

    Can you please provide serial number and FW version of your device? 
  • baba
    baba Posts: 48  Freshman Member
    edited May 4
    Newest Firmware 1.00(AAEB.7)

    i would not like to post the serial number public, but I bought the device brand new from Zyxel
  • baba
    baba Posts: 48  Freshman Member
    @Zyxel_Emily or any other zyxel employee: can you give me any update? it is an important topic for me.
  • YeK
    YeK Posts: 134  Ally Member
    hi @baba,

    Can you try to remove this account if you have concern for this? As I mentioned in another post, the fw version of your device is customized version. If you cannot make sure this change is ok or not, please contact with your service provider first.




  • baba
    baba Posts: 48  Freshman Member
    Hi @YeK,

    which customized version is this device using? I bought it a few days ago on Amazon directly from Zyxel as a dealer and I have not changed the firmware. The modem is used in a productive environment, can I delete the user without hesitation?

    Thanks!

Categories

Security Highlight


Read more

Security Help Center

  • FAQ
  • New & Release
  • Monthly Express
  • Threat Intelligence
  • Video Tutorials
    • EnglishРусский中文(台灣)