ZyNOS is the proprietary operating system used on network devices made by the ZyXEL Communications Corporation, ZyXEL Communications Corporation first introduced ZyNOS in 1998.
A vulnerability exists with ZyNOS based routers (ZyXel, Netgear and TP-Link and maybe others) that can allow an attacker to download the rom-0 file and reverse engineer to retrieve the local admin password.
- Browse to http://targetip:8080/rpFWUpload.html
- Download the ROM file
- Browse to http://18.104.22.168/zynos
- Click on “Choose File” and click on “Upload rom-0”
Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.