Security News

Zyxel launches XGS1250-12 12-Port Web-Managed Multi-Gigabit Switch for homes and offices
2021-04-07 01:45

Zyxel Networks announced the launch of XGS1250-12 12-Port Web-Managed Multi-Gigabit Switch with 3-Port 10G and 1-Port 10G SFP+. Designed to optimize high-bandwidth applications in the home and office, such as HD multimedia content creation and storage, and high-speed WiFi 6 data and IoT traffic, the versatile XGS1250-12 switch features three multi-Gigabit ports to eliminate network bottlenecks for devices such as 10G NAS or servers, WiFi 6 access points and new 2.5G motherboards. The switch features eight Gigabit Ethernet ports, one 10G SFP+ port, and three Multi-Gigabit ports that support five speeds: 10 Gbps, 5 Gbps, 2.5 Gbps, 1 Gbps and 1 Gbps. The highest common link speed is automatically and independently negotiated with each connected device.

WyreStorm adds Zyxel’s Networked AV-enabled switches to its NetworkHD Series of AV over IP
2021-03-16 00:45

Zyxel Networks announced a partnership with WyreStorm who has recently extended their AV over IP line with the H.265 NetworkHD 110's. WyreStorm has added Zyxel's portfolio of Networked AV-enabled switches to their NetworkHD Series of AV over IP solutions. The addition of the Networked AV technology to many of Zyxel's switch families enables partners like WyreStorm to provide networked AV solutions that deliver uncompromising network streaming performance making high-quality, low latency video distribution easier and more efficient than ever before.

Zyxel 10G PON ONT solutions enable service providers to deliver 10G broadband services
2021-01-21 01:15

Zyxel Communications announced the launch of its portfolio of high-performance 10G PON ONT solutions, which includes the PX7511 AX6000 WiFi 6 XGS-PON VoIP Gateway ONT, PM7516 XGS-PON VoIP Bridge ONT with 10G LAN, and PM7010 XGS-PON SFP+ ONT. Zyxel 10G PON ONT solutions enable service providers to break free of the bandwidth limitations of GPON and rapidly monetize their networks through high-ARPU premium-tier residential services and commercial applications. In addition to significantly increasing the connections speeds to standard and prime subscribers by increasing the bandwidth to 10G, Zyxel 10G PON solutions enable service providers to offer higher-priced premium service tiers to subscribers who utilize high-bandwidth applications such as UHD 8K video streaming, AR/VR, IoT, and smart home devices.

Zyxel hardcoded admin password found – patch now!
2021-01-06 17:27

Zyxel products are Linux-based, and Linux usernames and passwords are typically split between two files for security reasons. The early passwords of several Unix pioneers were cracked for fun in 2019 based on ancient password files embedded in the BSD-3 source code.

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw
2021-01-06 16:40

Security experts are warning hackers are ramping up attempts to exploit a high-severity vulnerability that may still reside in over 100,000 Zyxel Communications products. Zyxel, a Taiwanese manufacturer of networking devices, on Dec. 23 warned of the flaw in its firmware and released patches to address the issue.

Backdoor in Zyxel Firewalls and Gateways
2021-01-06 11:44

More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel. Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the "Zyfwp" username and the "PrOw!aN fXp" password.

Hackers start exploiting the new backdoor in Zyxel devices
2021-01-06 03:00

Threat actors are actively scanning the Internet for open SSH devices and trying to login to them using a new recently patched Zyxel hardcoded credential backdoor. Last month, Niels Teusink of Dutch cybersecurity firm EYE disclosed a secret hardcoded backdoor account in Zyxel firewalls and AP controllers.

Hackers Exploiting Recently Disclosed Zyxel Vulnerability
2021-01-05 13:56

Security researchers have observed the first attempts to compromise Zyxel devices using a recently disclosed vulnerability related to the existence of hardcoded credentials. The attacks, currently small in numbers, target CVE-2020-29583, a vulnerability affecting several Zyxel firewalls and WLAN controllers that was publicly disclosed at the end of December.

Hardcoded Credentials Expose Zyxel Firewalls and WLAN Controllers to Remote Attacks
2021-01-04 15:12

Several Zyxel firewall and WLAN controller products contain hardcoded credentials for an undocumented user account that has admin privileges. The account was designed for the delivery of automatic firmware updates through FTP and is present on Zyxel USG, ATP, VPN, ZyWALL, and USG FLEX devices.

Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products
2021-01-04 09:12

Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded, undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices. The flaw, tracked as CVE-2020-29583, affects version 4.60 present in a wide-range of Zyxel devices, including Unified Security Gateway, USG FLEX, ATP, and VPN firewall products.