Press Room

Statement from ZyXEL Communications UK on recent hacking story, as reported by Silicon Republic

February 09, 2012

ZyXEL Communications UK, a world-class broadband networking company that provides leading Internet solutions for customers ranging from telecommunications service providers and small and medium-sized businesses to home users, would like to address the hacking claims published this morning by Silicon Republic in the article titled ‘Hacker claims most DSL modems in Ireland can be hacked’.

The article makes reference to a blog post written by software developer Ross Canpolet, which has since been removed from Irish hacking blog ‘The Insanity Pop’. Canpolet refers to an exploit called RouterPWN v:1.3.138 that allows several methods of hacking routers and modems, such as our P-660 router.

ZyXEL would like to confirm that there is absolutely NO security issue with our P-660 router. The vast majority of our routers throughout the UK run an operating system called ZyNOS, our proprietary Network Operating System.

Our team of technical consultants has run a series of tests* this morning using the ZyNOS system and has shown that the claims made by Canpolet and ‘The Insanity Pop’ are not true and totally unfounded. All of ZyXEL’s products have robust security solutions in place to protect against any security breaches.

*More details about tests

The ZyXEL technical team this morning analysed how this supposed attack took place. In the first instance, the exploit attempts to access various web pages within the router’s Graphical User Interface, e.g.:

  • Prestige Unauthorized Reset
  • ZyNOS Configuration Disclosure
  • Prestige Privilege Escalation
  • Prestige Configuration Disclosure

With ZyXEL routers, this isn’t possible because access to all management interfaces is disabled from the WAN (Internet) side. If you attempt to access these pages from the WAN side, the router doesn’t respond.

An end user is able to lower the security of their router by making configuration changes:

  • set Remote MGMT to WAN & LAN / All
  • disable the firewall or make a firewall rule to permit WAN to WAN/Router access

If an end user does go ahead and alter the router settings, then that does leave them more at risk of a potential hack. Even so, in this event, a hacker will still be directed to the login process, where they have to input the correct admin password. The Graphical User Interface page where these changes are made advises the end user that this password should be changed before enabling any remote access.