Hacked VPN100
Options
All Replies
-
Hi,
We had the same problem with USG Flex 500 V5.37 - few times someone logged to device from WAN using built in admin and created another user with SSL VPN access, then he got to local network and logged via RDP to serwer using credentials saved in USG Flex for LDAP authentication. Could he retrieve that domain password from the device memory?
And what with built in admin? Is it some backdoor or I should worry that our passwords leaked somehow? There was no failed attempts in logs, just first successfull logon.
0
Freshman Member
Categories
- All Categories
- 442 Beta Program
- 2.9K Nebula
- 220 Nebula Ideas
- 128 Nebula Status and Incidents
- 6.5K Security
- 606 USG FLEX H Series
- 344 Security Ideas
- 1.7K Switch
- 84 Switch Ideas
- 1.4K Wireless
- 52 Wireless Ideas
- 7K Consumer Product
- 298 Service & License
- 482 News and Release
- 92 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.8K FAQ
- 34 Documents
- 87 About Community
- 105 Security Highlight
