Comments
-
Hi Stanley, Thanks for the workaround, that solved the issue concerning the TLS-Certificate. Regarding the port - well, if you upgrade remotely from a previous firmware you will lock yourself out since the firmware changes the port without adding a security policy. Then you will have no option to run the security wizard,…
-
+1
-
Hi @Zyxel_Vic So does this essentially mean that Zyxel does not know whether an actual remote code execution vulnerability exists? What do you exactly mean by "attack vector"? Are we talking about brute-forcing passwords or taking advantage of an actual RCE vulnerability in the firmware? Until now all of the communication…
-
Correcting myself, this seems to be possible on the Zyxel Marketplace: https://marketplace.zyxel.com/ However, for someone who just wants to use the GeoIP feature EUR 353/year is a bit steep.
-
Correct me if I'm wrong, but what's even worse is that there doesn't seem to be a way to buy a Content Filter license online in real-time. I have to order it through a local distributor, they procure it from Zyxel, print out the license key on paper and send it to me by postal mail, this takes approx. 5 days at least. For…
-
+1 on this one, that would be a great and simple way to accomodate Zyxel clients while they figure out a solution. Being quiet and leaving their customers tapping in the dark is definitely not the way to handle this situation....
-
Exactly, I have entire offices working from home through SSLVPN so I can't just disable it. It is crucial that Zyxel communicates clearly the current status.
-
@Zyxel_Vic I'd like to know as well if an authenticated user is able to run administrative commands or whether the infiltrators are able to bypass the authentication entirely. In terms of the security impact this is a major difference. Does Zyxel have already any insights on this? Your communication strategy has been very…
