Welcome · log in · join

Search similar:

Forums → Software and Operating Systems →

Security → DSL routers contain hard-coded "XXXXairocon" credentials

uniqs
457

« Live map of global cyber attacks • Norse Live Hack Attack Map »

EGeezer Premium Member join:2002-08-04 Midwest kudos:8 ·Callcentric	EGeezer Premium Member 2015-Aug-29 12:28 pm DSL routers contain hard-coded "XXXXairocon" credentials Although DSL is slowly going the way of the dodo, there are still lots of users out there. said by VU#950576 : DSL routers, including the ASUS DSL-N12E, DIGICOM DG-5524T, Observa Telecom RTA01N, Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN and Kasda KW58293, and ZTE ZXV10 W300 contain hard-coded credentials that are useable in the telnet service on the device. In the ASUS, DIGICOM, Observa Telecom, and ZTE devices, the username is "admin," in the PLDT devices, the user name is "adminpldt," and in all affected devices, the password is "XXXXairocon" where "XXXX" is the last four characters of the device's MAC address. The MAC address may be obtainable over SNMP with community string public. ... Full notice at »www.kb.cert.org/vuls/id/950576 I'd think they'd at least change the default SNMP community string and default port(s) for TELNET and FTP when implementing the router in a customer site. -- If no mistake have you made, yet losing you are … a different game you should play - Yoda
	actions · 2015-Aug-29 12:28 pm ·
HELLFIRE MVM join:2009-11-25 kudos:30	HELLFIRE MVM 2015-Aug-30 1:18 pm Re: DSL routers contain hard-coded "XXXXairocon" credentials ...yet how many times have we seen here that it's less about "securing it right / in the first place" and more about "get the product out anyways?" Regards
	actions · 2015-Aug-30 1:18 pm ·
EGeezer Premium Member join:2002-08-04 Midwest kudos:8 ·Callcentric	EGeezer Premium Member 2015-Aug-30 3:44 pm I'm just dreading the day when home/SOHO router makers start going the way of operating systems whose vendors are deciding to monetize their products by collecting local information and sharing everything by default. -- If no mistake have you made, yet losing you are … a different game you should play - Yoda
	actions · 2015-Aug-30 3:44 pm ·
NetFixer Snarl For The Camera Please Premium Member join:2004-06-24 The Boro ·Cingular Wireless ·Comcast Business.. ·Vonage ARRIS SB6121 Switches Trash Bin D-Link DIR-655 Rev. B	NetFixer Premium Member 2015-Aug-30 9:32 pm said by EGeezer: I'm just dreading the day when home/SOHO router makers start going the way of operating systems whose vendors are deciding to monetize their products by collecting local information and sharing everything by default. What makes you think that all of the "cloud" routers that are being pushed by all the major vendors aren't already doing that? -- We can never have enough of nature. We need to witness our own limits transgressed, and some life pasturing freely where we never wander.
	actions · 2015-Aug-30 9:32 pm ·
EGeezer Premium Member join:2002-08-04 Midwest kudos:8	EGeezer Premium Member 2015-Aug-30 10:34 pm I'd think that the security community would be all over it if a router vendor was doing that stuff. -- If no mistake have you made, yet losing you are … a different game you should play - Yoda
	actions · 2015-Aug-30 10:34 pm ·

Black Box join:2002-12-21	Black Box to EGeezer Member 2015-Aug-31 1:40 am to EGeezer said by EGeezer: I'm just dreading the day when home/SOHO router makers start going the way of operating systems whose vendors are deciding to monetize their products by collecting local information and sharing everything by default. As if it didn't happen already with Belkin. They plonked on my siht list and wouldn't touch any of their products smarter than a power bar. So having a router (capable of) running OpenWRT or Tomato is starting to become a necessity. -- Keep It Safe, Stupid! Yes, I CanChat. Can You?
	actions · 2015-Aug-31 1:40 am ·
EGeezer Premium Member join:2002-08-04 Midwest kudos:8 ·Callcentric	EGeezer Premium Member 2015-Sep-1 2:58 pm Fortunately, Belkin has never been on my list of preferred brand names. It seems there's a need for more skeptical examination of home/SOHO router firmware by packet rats and forensic experts. -- If no mistake have you made, yet losing you are … a different game you should play - Yoda
	actions · 2015-Sep-1 2:58 pm ·

Forums → Software and Operating Systems → Security	« Live map of global cyber attacks • Norse Live Hack Attack Map »