GIOMIND

https://www.linkedin.com/posts/425a_zyxel-zyxel-vulnerabilitymanagement-ugcPost-7067040279790256128-COHr?utm_source=share&utm_medium=member_android

A linkedin post (see below) says it was possibile to get root access via these exploits. If this is the case, it is easy to steal the config file and decript the passwords in there (there is a tool on the net to do that), including admin one. I strongly suggest to change all passwords.

Hello, we managed to get firmware v 5.10 which is the immediate version after 4.65 where we were running now. But firmware update (both via GUI and via FTP) is simply "ignored" and device boots up with the same firmware as before both in standby and in running config!!! Any idea of what's going on ?

Either they have hacked Zyxel or Zyxel has not been very clever in using dropbox for sharing their firmware: on a zero day with massive downloads….dropbox says goodbye

No, the zyxel page you posted: if you scroll to USG section and point to "Download 5.10" it links to a dropbox download. So Zyxel used dropbox for their downloads, but dropbox, when huge traffic is detected on a specific link, disables it… BAM Zyxel, great idea!…

Thank you. If you try the links in that page, they all point to dropbox and dropbox disabled them because of too many accesses: so is not possibile to download anything

Hello, can you provide a working link for firmware 5.10 for USG20-VPN ? Direct upgrade to latest fails and all links through dropbox are not working due to too many accesses. We are unable to upgrade and solve the issue since we are on 4.65 and direct jump to latest does not work