Thursday, 27 August 2015

Asus DSL Modem Router Vulnerable By Fixed Password


In several ADSL modem routers, including those of the Taiwanese manufacturer Asus, is called a "hard-coded" password is used, which allows remote attackers as an administrator can log onto the devices. Before that warns the CERT Coordination Center (CERT / CC) at Carnegie Mellon University.

The problem is present in the Asus DSL-N12E, DIGICOM DG-5524T, Observa RTA01N Telecom, Philippine Long Distance Telephone (PLDT) Speed ​​Surf 504AN and ZTE ZXV10 W300. The Asus model is also sold in the Netherlands. The permanent password allows an attacker to connect through telnet to the device. The password is partly based on the MAC address of the device, but it can be traced via SNMP (Simple Network Management Protocol (SNMP). Since there is no update is available, users are advised to ensure that telnet is not for " unreliable sources "is accessible and that SNMP is disabled on the routers.

No comments:

Post a Comment