====== Zyxel NAS326 Issues ======

===== Cannot login to web after upgrade =====

NAS326 with FFP and other mods survives official upgrade, but it is not possible to login using web. Login using SSH works.

Zyxel explains it: [[https://homeforum.zyxel.com/discussion/3370/faq-upgrading-latest-nas-remote-code-execution-vulnerability-firmware#latest|Not able to login after Firmware Upgrade]]

  To avoid the remote code execution vulnerability, the password doesn't accept special characters !  #  $  %  &  (  -  | after updated to the latest firmware.
  If you cannot login the web interface after upgrade, please press the hardware reset button at the back of NAS for 2 seconds, and you will hear one beep sound,
  then release the hardware reset button. This resets the NAS's IP address and password to the default setting (admin/1234).

[[https://homeforum.zyxel.com/discussion/3317/zyxel-security-advisory-for-the-remote-code-execution-vulnerability-of-nas-products|Zyxel security advisory for the remote code execution vulnerability of NAS products]]

Additional findings:
    * It looks like, webui is using smbpasswd to authenticate to webinterface
    * When the reset button is pressed shortly, script to restore default passwords is called:\\ <file bash | /sbin/account.sh>
#!/bin/sh

CP=/bin/cp
RM=/bin/rm
ETCPATH=/etc
SAMBAPATH=/etc/samba

${RM} -rf /etc/passwd
${CP} ${ETCPATH}/passwd.default /etc/passwd
${RM} -rf  /etc/shadow
${CP} ${ETCPATH}/shadow.default /etc/shadow
${RM} -rf /etc/samba/smbpasswd
${CP} ${SAMBAPATH}/smbpasswd.default /etc/samba/smbpasswd
</file>