Researching this situation, I found that the problem stems from fixed root user credentials being on these devices in such a way that the end user can not change the password.
The solution was deemed to be block connections from the world and not allow the users to access their devices. Only allow access from the zmodo server farm.
Now my problem with this is that the problem has not been fixed. The response of blocking all with the firewall is nearly equivalent to burying your head in the sand. If you can't receive the problem there is no problem. That like stopping spammers by deleting your email account or unplugging your phone. They are still trying to reach you and just aren't available.
This is not a proper solution. Creating a way to change the credentials, and upgrading the vulnerable versions of software would be much better. However I haven't seen anything saying that this is a code injection issue. Just a simple case of stolen password.
What worse is I just rolled back my device so that I could access on my secure local lan, no port forwards from the outside world, and now the device has upgraded itself and locked me out again. I do not have control over my own device.
Now I have to block the zmodo nvr from access to the internet as well....