ZyNOS

ZyNOS is the proprietary operating system used on network devices made by the ZyXEL Communications Corporation.^[1] The name is a contraction of ZyXEL and Network Operating System (NOS).

History

The ZyXEL Communications Corporation first introduced ZyNOS in 1998.^[2]

Versions

ZyXEL released ZyNOS version 4.0 for their GS2200 series 24 and 48 port ethernet switches in April, 2012.^[3] It appears that versions differ between ZyXEL products.

Access methods

Web and/or command line interface (CLI) depending on the device. Web access is accomplished by connecting an ethernet cable between a PC and an open port on the device and entering the IP address of the device into the Web browser.^[4] An RS-232 serial console port is provided on some devices for CLI access, which is accomplished by using SSH or telnet.^[5]

CLI command types

Listed below are the categories that the CLI commands are grouped by.^[6]

Web Configurator

The Web Configurator is divided into the following categories:^[7][4]

• basic settings
• advanced application
• IP application
• management

Security advisories

As of March 2014, Danish computer security company Secunia reports none unpatched advisories or vulnerabilities on ZyNOS version 4.X.^[8]

As of March 2014, Secunia reports seven advisories and six vulnerabilities on ZyNOS version 3.X. Five advisories are unpatched; Secunia rates the most severe unpatched advisory as less critical.^[9]

As of January 2015, A DNS vulnerability has been found in certain ZyNOS firmware versions. The versions that are affected have not been narrowed down. The attack can be done from a remote location regardless if the user interface is accessible from the outside of a LAN. ^[10]

References