VMG1312-B30A security issue hidden user

Options
baba
baba Posts: 280  Master Member
First Comment Friend Collector First Anniversary
edited May 2022 in Security
Hello,

i found a hidden user z*** with passwort *** on VMG1312-B30A in factory settings. Why this user exists at default config and has such easy password? The user has access to reboot the device etc and is a security issue.

Best,
baba

All Replies

  • YeK
    YeK Posts: 150  Master Member
    First Comment Friend Collector Sixth Anniversary
    Hi @baba,

    Can you please provide serial number and FW version of your device? 
  • baba
    baba Posts: 280  Master Member
    First Comment Friend Collector First Anniversary
    edited May 2022
    Newest Firmware 1.00(AAEB.7)

    i would not like to post the serial number public, but I bought the device brand new from Zyxel
  • baba
    baba Posts: 280  Master Member
    First Comment Friend Collector First Anniversary
    @Zyxel_Emily or any other zyxel employee: can you give me any update? it is an important topic for me.
  • YeK
    YeK Posts: 150  Master Member
    First Comment Friend Collector Sixth Anniversary
    hi @baba,

    Can you try to remove this account if you have concern for this? As I mentioned in another post, the fw version of your device is customized version. If you cannot make sure this change is ok or not, please contact with your service provider first.




  • baba
    baba Posts: 280  Master Member
    First Comment Friend Collector First Anniversary
    Hi @YeK,

    which customized version is this device using? I bought it a few days ago on Amazon directly from Zyxel as a dealer and I have not changed the firmware. The modem is used in a productive environment, can I delete the user without hesitation?

    Thanks!

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)