...

Computer Emergency Response Team of Azerbaijan warns TP-Link router users

Azerbaijan Materials 27 March 2013 16:45 (UTC +04:00)
The Computer Emergency Response Team (CERT), functioning under the State Agency for Special Communications and Information Security of the Special State Protection Service of Azerbaijan, has issued a warning to users of TP-LINK routers, according to an announcement from CERT shared on Wednesday.
Computer Emergency Response Team of Azerbaijan warns TP-Link router users

The Computer Emergency Response Team (CERT), functioning under the State Agency for Special Communications and Information Security of the Special State Protection Service of Azerbaijan, has issued a warning to users of TP-LINK routers, according to an announcement from CERT shared on Wednesday.

According to the announcement, TP-LINK routers contain a backdoor that allows hackers a simple and effective way of unauthorized access to user devices. A user performs a HTTP-request to the following address: http://192.168.0.1/userRpmNatDebugRpm26525557/start_art.html

The router connects to the IP-address that has made the request and tries to find a TFTP-server.

If the TFTP-server is found, the router downloads the file "nart.out". The downloaded file is run with the privileges of a root-user. The backdoor includes the following router models: TL-WDR4300, TL-WR743ND (v1.2 v2.0). However, this list may be incomplete.

According to CERT, vulnerability has not yet been resolved.

Tags:
Latest

Latest