ZyXEL routers showed signs of a backdoor credential

January 11, 2023

A researcher found a hard-coded backdoor credential in ZyXEL LTE indoor routers. The issue, tracked as CVE-2022-40602, is a password baked into the firmware at build time rather than one set by the device owner, so it is the same on every unit and cannot be changed from the user interface.

What the credential gives an attacker is remote access to the router: anyone who can reach the device's Telnet service can log in with it, without knowing the owner's password.

The password was found in the firmware of the ZyXEL LTE3301-M209. The firmware image has three main sections, a root filesystem, an LZMA-compressed section and a www content section, and one file inside it holds the credential in the clear once the file is decompressed.

That file sits in the www content section and begins with the zlib magic bytes (0x78 followed by a flag byte; 0x78 0x9C is what zlib emits at its default compression level), so it is a zlib stream rather than a plain text file. On Unix it can be inflated with zlib-flate -uncompress (shipped with qpdf) or with OpenSSL's zlib command, which is only present when OpenSSL was built with zlib support.

On Windows, the same stream can be turned into a gzip archive, since both formats wrap the same raw DEFLATE data and differ only in their headers and trailers, and then opened with 7-Zip. Unpacking the file revealed the Telnet login password in the clear. The same file also holds the web UI details, which would let an attacker take over the device.
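The unpacking workflow described above, as an added example that is not from the original article or from the researcher's write-up: a Python script that scans a raw firmware image for zlib headers, inflates each complete stream, greps the result for credential-like settings, and rewraps a stream as a gzip member the way the Windows route requires. The firmware image, the section markers, the key names and the password in it are constructed placeholders for this example, not the LTE3301-M209 firmware or the real credential.

```python
"""Find zlib-compressed blobs in a raw firmware image, inflate them and grep the
result for credential-like settings.  The image below is constructed for this
example; the password in it is a placeholder, not the real one."""
from __future__ import annotations

import gzip
import re
import struct
import zlib

# A zlib stream starts with CMF=0x78 (deflate, 32 KiB window) and a FLG byte such
# that the 16-bit header is divisible by 31; these four are the ones zlib emits
# for compression levels 0-1, 2-5, 6 (default) and 7-9.
ZLIB_MAGIC = (b"\x78\x01", b"\x78\x5e", b"\x78\x9c", b"\x78\xda")

# key=value lines whose key looks like a login or password setting
CRED_RE = re.compile(
    rb"^(?P<key>\w*(?:pass|pwd|user|login)\w*)\s*=\s*(?P<val>\S+)\s*$",
    re.IGNORECASE | re.MULTILINE,
)

# Constructed stand-in for a firmware image: filler for the root-fs and LZMA
# sections, then the zlib-compressed "www content" file holding the placeholder
# credential.  Section names and keys are invented for the example.
SAMPLE_CONFIG = (
    b"[telnet]\nenable=1\nusername=admin\npassword=EXAMPLE-PLACEHOLDER\n"
    b"[webui]\nlogin=admin\n"
)
SAMPLE_STREAM = zlib.compress(SAMPLE_CONFIG)  # default level -> header 78 9c
SAMPLE_IMAGE = (
    b"\xff" * 32 + b"ROOTFS-SECTION" + b"\x00" * 16
    + b"LZMA-SECTION" + b"\x00" * 16
    + b"WWW-SECTION" + SAMPLE_STREAM + b"\x00" * 8
)


def find_zlib_streams(image: bytes) -> list[tuple[int, bytes, bytes]]:
    """Return (offset, raw stream, inflated bytes) for every complete zlib stream.

    decompressobj() is used instead of zlib.decompress() because the stream is
    followed by unrelated firmware bytes; a hit is accepted only when the
    inflater reached the end-of-stream marker, which also checks the Adler-32.
    """
    hits = []
    for magic in ZLIB_MAGIC:
        off = image.find(magic)
        while off != -1:
            d = zlib.decompressobj()
            try:
                plain = d.decompress(image[off:])
                if d.eof:
                    end = len(image) - len(d.unused_data)
                    hits.append((off, image[off:end], plain))
            except zlib.error:
                pass  # the magic bytes occurred by chance; not a real stream
            off = image.find(magic, off + 1)
    return sorted(hits)


def extract_credentials(plain: bytes) -> dict[str, str]:
    """Pull key=value settings that look like logins or passwords."""
    return {m["key"].decode(errors="replace"): m["val"].decode(errors="replace")
            for m in CRED_RE.finditer(plain)}


def audit(image: bytes) -> dict[str, str]:
    """Inflate every zlib blob in the image and collect credential-like settings."""
    found: dict[str, str] = {}
    for _off, _stream, plain in find_zlib_streams(image):
        found.update(extract_credentials(plain))
    return found


def zlib_to_gzip(zdata: bytes) -> bytes:
    """Rewrap a zlib stream as a gzip member so tools such as 7-Zip can open it.

    Both formats carry the same raw DEFLATE payload; the 2-byte zlib header and
    4-byte Adler-32 trailer are swapped for a 10-byte gzip header and a CRC-32
    plus uncompressed-size trailer.  Streams with a preset dictionary (FLG bit
    5) are rejected; zlib never emits one for ordinary data.
    """
    if zdata[:2] not in ZLIB_MAGIC:
        raise ValueError("not a plain zlib stream")
    d = zlib.decompressobj()
    plain = d.decompress(zdata)
    if not d.eof:
        raise ValueError("truncated zlib stream")
    deflate = zdata[2:len(zdata) - len(d.unused_data) - 4]
    header = b"\x1f\x8b\x08\x00" + struct.pack("<I", 0) + b"\x00\xff"  # mtime 0, OS unknown
    trailer = struct.pack("<II", zlib.crc32(plain) & 0xFFFFFFFF, len(plain) & 0xFFFFFFFF)
    return header + deflate + trailer


def rewrap_roundtrips(zdata: bytes) -> bool:
    """True if the gzip rewrap inflates back to the same bytes as the zlib stream."""
    return gzip.decompress(zlib_to_gzip(zdata)) == zlib.decompress(zdata)


if __name__ == "__main__":
    for off, stream, plain in find_zlib_streams(SAMPLE_IMAGE):
        print(f"zlib stream at 0x{off:x}: {len(stream)} -> {len(plain)} bytes")
        print(plain.decode(errors="replace"))
        print("gzip rewrap ok:", rewrap_roundtrips(stream))
    print("credential-like settings:", audit(SAMPLE_IMAGE))
```

On a real image, point find_zlib_streams at the bytes of the www content section (or the whole file) and write zlib_to_gzip's output to a .gz file for the Windows route; the CRC-32 and size trailer it computes are what gzip readers check, so simply prepending a header to the raw stream is not enough.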

A few days later, the same researcher found a Telnet backdoor in another router, the D-Link DWR-921. D-Link published a security bulletin but declined to patch the flaw because the product had reached End of Life (EOL).

It took the researcher and the vendor several months to get a fix released for the ZyXEL routers.

The disclosure played out over the final quarter of 2022. The researcher first reported the vulnerability to ZyXEL in September; the firm asked for the details needed to reproduce the flaw, which the researcher provided.

In the same month, ZyXEL confirmed that the issue affected one of its products and began working on a repair. In October the company and the researcher pinned down the flaw, and in November ZyXEL published a security bulletin together with a firmware fix.

Users of the affected router should apply the fix as soon as possible. The coordination between the researcher and the vendor showed the value of clear communication: it kept the window in which the vulnerability could be abused short.