VMG1312-B30A security issue hidden user

Options
baba
baba Posts: 280  Master Member
First Anniversary 10 Comments Friend Collector
edited May 2022 in Security
Hello,

i found a hidden user z*** with passwort *** on VMG1312-B30A in factory settings. Why this user exists at default config and has such easy password? The user has access to reboot the device etc and is a security issue.

Best,
baba

All Replies

  • YeK
    YeK Posts: 150  Master Member
    First Anniversary 10 Comments Friend Collector
    Options
    Hi @baba,

    Can you please provide serial number and FW version of your device? 
  • baba
    baba Posts: 280  Master Member
    First Anniversary 10 Comments Friend Collector
    edited May 2022
    Options
    Newest Firmware 1.00(AAEB.7)

    i would not like to post the serial number public, but I bought the device brand new from Zyxel
  • baba
    baba Posts: 280  Master Member
    First Anniversary 10 Comments Friend Collector
    Options
    @Zyxel_Emily or any other zyxel employee: can you give me any update? it is an important topic for me.
  • YeK
    YeK Posts: 150  Master Member
    First Anniversary 10 Comments Friend Collector
    Options
    hi @baba,

    Can you try to remove this account if you have concern for this? As I mentioned in another post, the fw version of your device is customized version. If you cannot make sure this change is ok or not, please contact with your service provider first.




  • baba
    baba Posts: 280  Master Member
    First Anniversary 10 Comments Friend Collector
    Options
    Hi @YeK,

    which customized version is this device using? I bought it a few days ago on Amazon directly from Zyxel as a dealer and I have not changed the firmware. The modem is used in a productive environment, can I delete the user without hesitation?

    Thanks!

Categories

Security Highlight


Read more

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)