Some routers vulnerable to remote hacking due to hard-coded admin credentials2015-08-28 01:50 by Daniela
Tags: router, hackers, DSL-N12E
A recent report by the CERT Coordination Center (CERT/CC) at Carnegie Mellon University has shown that certain DSL routers from different manufacturers come with a guessable hard-coded password that allows accessing the devices with a hidden administrator account.
Among the affected models are: ASUS DSL-N12E, DIGICOM DG-5524T, Observa Telecom RTA01N, Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN and ZTE ZXV10 W300.
What's common for the vulnerable devices is that they have an admin password in the form "XXXXairocon" where XXXX are the last four characters of the device's physical MAC address, CERT/CC said. It's not hard for a hacker to obtain this MAC address (unique for every device). He just needs to send a public query over the Simple Network Management Protocol (SNMP) and can get it.
After having the necessary credentials, a remote attacker is able to gain administrator access to the affected devices over their telnet service.
The vulnerability has been initially reported in May 2014 for the ZTE ZXV10 W300 and later - for the Observa Telecom RTA01N. However, now it turned out that other devices are also affected.
Read more -here-