IMPORTANT - tenanted leakage

FrankIversenFrankIversen Member Posts: 92  Ally Member
edited January 8, 2021 5:41PM in Nebula General Discussion
We just registered a new switch to a customer. we get an erorr in the nebula app saying "this device is already registered".
So we chose "great, yes, do that" and press OK. Then a switch, which is online, is showing up. it is not our switch. We get all the information on the swtich (ports used, mac/ips etc.) and we can see the public wan. the public wan adress points to an unknown ip-adresse in our country.

We try to register the switch again, this time from the qr-code on the switch itselfes, not on the box. then it works. 
Now we have 2 devices. On is our regular switch, the other switch is the another company.......

I suggest you contact me directly for showing you the details. We will have to fill a blanket for a GDPR situation here.

All Replies

  • FrankIversenFrankIversen Member Posts: 92  Ally Member
    we have also created a more detailed ticket on [email protected] with #158081   Please check the information we have provided there.
  • Nebula_JasonNebula_Jason Zyxel Offical Agent Posts: 217  mod
    Hi @FrankIversen ,

    Thanks for your feedback.

    I will PM you for the following detail information for this case, so we can check the logs on our server.
    • MAC address and S/N number of the Switches.
    • The picture of the QR-code
    • The organization/site name which the Switch is registered to now.
    Please also enable Zyxel Support at Help > Support request page to let our account can access your organization.

    Kindly check your Inbox later.

  • Nebula_JasonNebula_Jason Zyxel Offical Agent Posts: 217  mod
    Hi @FrankIversen ,

    We find that there is a mismatch between QR-code and MAC/SN sticker of your Switch brown box.
    We are now working on it.

    Sorry for your inconvenience.

  • FrankIversenFrankIversen Member Posts: 92  Ally Member
    the mismatch is one thing. but the ability to transwer a switch from a tenant we do not control is not good at all. that is a big securityhole.
  • Nebula_JasonNebula_Jason Zyxel Offical Agent Posts: 217  mod
    Hi @FrankIversen ,

    First of all, sorry to make you confused and thanks your feedback to have this security concern.
    The feature "User can scan QR-code on the Nebula device via Nebula APP to register to his/her organization/site directly" is based on the motivation below.

    To let the second-hand device can be faster and more convenient to be registered by the new user if the previous user didn't unregister from his/her organization.

    Why is QR-code?
    We make this mechanism on "Scanning device QR-code via Nebula APP" because we think it can prove the Nebula device is actually on the new user's hand.

    For this case, there is indeed something wrong at the rework process for your device, so it causes the QR-code is mismatch.

Sign In to comment.