SonicWall Advises Users to Reset Logins After Config Backup Leak

SonicWall has alerted its customers to reset all login credentials after a recent leak exposed firewall configuration backups.

The vendor emphasizes three critical stages—containment, remediation, and monitoring—to minimize risk and restore secure access.

Users should follow each stage in order, beginning with containment to block further exposure, proceeding to remediation to reset passwords and shared secrets, and concluding with monitoring to detect any unauthorized activity.

Disabling access to HTTP/HTTPS/SSH Management

The first step is to limit access from the public internet. Administrators should disable or restrict management services over the WAN interface before making any configuration changes.

Navigating to Network > System > Interfaces, they must edit each WAN interface and disable HTTP, HTTPS, and SSH management.

If complete disabling is not possible, SonicWall’s knowledge base article provides guidance on limiting management access to trusted IP addresses only.

Next, SSL VPN ...