3 matches found
VulnCheck KEV: CVE-2020-29583
Zyxel firewalls ATP, USG, VM and AP Controllers NXC2500 and NXC5500 contain a use of hard-coded credentials vulnerability in an undocumented account "zyfwp" with an unchangeable password...
The vulnerability of microprogrammed network devices such as ZyXEL USG, USG VPN, ATP, ZyWALL, and FLEX lies in the unencrypted storage of data, which allows attackers to gain unauthorized access to protected information.
The vulnerability of microprogrammed network devices such as ZyXEL USG, USG VPN, ATP, ZyWALL, and FLEX lies in the unencrypted storage of data when the “zyfwp” account is used. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to protected information from a...
PT-2020-5736 · Zyxel · Zyxel Usg
Name of the Vulnerable Software and Affected Versions: Zyxel USG devices version 4.60 Description: The issue concerns an undocumented account zyfwp with an unchangeable password that can be found in cleartext in the firmware of Zyxel USG devices. This account allows someone to login to the ssh...