Backdoor account discovered in more than 100,000 Zyxel firewalls, VPN gateways
Found on ZD Net on Saturday, 02 January 2021
More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers root access to devices via either the SSH interface or the web administration panel.
Installing patches removes the backdoor account, which, according to Eye Control researchers, uses the "zyfwp" username and the "PrOw!aN_fXp" password.
It's hard to believe that this was just a stupid accident, since the account in question required a patch to remoove it.