On my core FTP server, v1.2 build 581 I happened to open the GUI and found 3 FTP clients connected and not authorized. (we have virtually no traffic so they were easy to spot).
One was "root" and two others were named ",00:00:01" -- the IP address originated in China somehwere.
We don't have a "root" account -- or is there one by default? With a default password or something that I was supposed to change during setup? Seems like there is a vulnerability, no?
Thanks for any input!