A real piece of security software from Zyxel
-
https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html
The summary of the vulnerabilities is:
Hardcoded SSH server keys
Backdoors accounts in MySQL
Hardcoded certificate and backdoor access in Ejabberd
Open ZODB storage without authentication
MyZyxel 'Cloud' Hardcoded Secret
Hardcoded Secrets, APIs
Predefined passwords for admin accounts
Insecure management over the 'Cloud'
xmppCnrSender.py log escape sequence injection
xmppCnrSender.py no authentication and clear-text communication
Incorrect HTTP requests cause out of range access in Zope
XSS on the web interface
Private SSH key
Backdoor APIs
Backdoor management access and RCE
Pre-auth RCE with chrooted access
-
Zyxel clarified that this only affects certain customized versions of CloudCNM SecuManager.
Security software? Isn't that network management software (which includes some kind of firewall and VPN component)?