Remove Firewall Remove Firmware Remove VPN
article thumbnail

Expert found a secret backdoor in Zyxel firewall and VPN

Security Affairs

Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583 , related to the presence of a hardcoded undocumented secret account. The Taiwanese vendor Zyxel has addressed a critical vulnerability in its firmware related to the presence of a hardcoded undocumented secret account. “Firmware version 4.60

Firewall 145
article thumbnail

Zyxel warns customers of attacks on its enterprise firewall and VPN devices

Security Affairs

Networking equipment giant Zyxel warns customers of a series of attacks that have been targeting some of its enterprise firewall and VPN devices. Networking equipment vendor Zyxel warned its customers of a series of attacks that have been targeting some of its enterprise firewall and VPN server solutions.

VPN 144
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Zyxel 0day Affects its Firewall Products, Too

Krebs on Security

Today, Zyxel acknowledged the same flaw is present in many of its firewall products. “We’ve now completed the investigation of all Zyxel products and found that firewall products running specific firmware versions are also vulnerable,” Zyxel wrote in an email to KrebsOnSecurity. Patch 0 through ZLD V4.35

Firewall 275
article thumbnail

Zyxel fixes a critical bug in its business firewall and VPN devices

Security Affairs

Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment vendor Zyxel has pushed security updates for a critical flaw, tracked as CVE-2022-0342 (CVSS 9.8), that affects some of its business firewall and VPN products. Patch 1 VPN ZLD V4.30

Firewall 106
article thumbnail

Zyxel patches critical bug affecting firewall and VPN devices

Bleeping Computer

Network equipment company Zyxel has updated the firmware of several of its business-grade firewall and VPN products to address a critical-severity vulnerability that could give attackers administrator-level access to affected devices. [.].

article thumbnail

Zyxel fixed a critical RCE flaw in its firewall devices and urges customers to install the patches

Security Affairs

A vulnerability impacting Zyxel firewalls, tracked as CVE-2023-28771, can be exploited to execute arbitary code on vulnerable devices. Researchers from TRAPA Security have discovered a critical remote code execution vulnerability, tracked as CVE-2023-28771 (CVSS score 9.8), impacting Zyxel Firewall. through 5.35. through 5.35.

article thumbnail

Widespread exploitation by botnet operators of Zyxel firewall flaw

Security Affairs

Threat actors are actively exploiting a command injection flaw, tracked as CVE-2023-28771, in Zyxel firewalls to install malware. Threat actors are actively attempting to exploit a command injection vulnerability, tracked as CVE-2023-28771 , that impacts Zyxel firewalls. in its firewall devices. VPN ZLD V4.60