Security News > 2020 > March > Flaws Riddle Zyxel’s Network Management Software
Security researchers are warning that networking hardware vendor Zyxel and its Cloud CNM SecuManager software is chock-full of unpatched vulnerabilities that kick open the doors for hackers to exploit.
The Zyxel CNM SecuManager is a networking management software solution that provides an integrated console to monitor and manage enterprise security gateways, such as the company's own ZyWALL USG and its VPN series products.
Researcher Kim told Threatpost he did not disclose the vulnerabilities to Zyxel because he believed that the vendor intentionally created backdoors into its product that would open Cloud CNM SecuManager software to remote access by Zyxel, post-customer installation.
According to the report, the vulnerable software includes Zyxel CNM SecuManager versions 3.1.0 and 3.1.1 - last updated in November 2018.
Late last month, Zyxel patched a zero-day vulnerability tied to a critical flaw in many of its network attached storage devices.