More info: https://www.zyxel.com/support/vulnerabilities-of-CloudCNM-SecuManager.shtml
Rarely have I seen so many backdoors in a single security product:
Hardcoded SSH server keys
Backdoor accounts in MySQL
Hardcoded certificate and backdoor access in Ejabberd
Open ZODB storage without authentication
MyZyxel 'Cloud' Hardcoded Secret
Hardcoded Secrets, APIs
Predefined passwords for admin accounts
Insecure management over the 'Cloud'
xmppCnrSender.py log escape sequence injection
xmppCnrSender.py no authentication and clear-text communication
Incorrect HTTP requests cause out of range access in Zope
XSS on the web interface
Private SSH key
Backdoor APIs
Backdoor management access and RCE
Pre-auth RCE with chrooted access
WTG Zyxel!