Wi-Fi routers vulnerable to remote hacking due to hard-coded admin credentials
A group of researchers have discovered that they could remotely log into some Wi-Fi routers using the hard-coded default administrator login.
This yet unpatched security vulnerability can give attackers access to a few DSL, SOHO (small office / home office) WiFi routers using such default login scheme.
The group of researchers from the European University of Madrid had disclosed this vulnerability in May 2015 along with a few moreother security vulnerabilitiesinclude privilege escalation, CSRF, XSS, DOS, authentication bypasses in other devices.
According toan alertissued Tuesday by the CERT Coordination Center (CERT/CC) at Carnegie Mellon University, the affected rig models are:
According to the researchers findings, all of these devices give administrative control over the router by using a hard-coded login scheme.
Using the admin username for the Asus, DIGICOM, Observa Telecom, and ZTE devices, and the adminpldt for the Philippine Long Distance Telephone (PLDT) router, a hacker could easily authenticate himself on the WiFi stations using a common password.
The password scheme is XXXXairocon where XXXX represents the last four digits in the routers MAC physical address, which usually is presented in consoles like six groups of two hexadecimal characters in the form of: XX-XX-XX-XX-XX-XX
Since getting hold of a routers MAC is a trivial task for any technically skilled person, this would allow anyone to guess the admin passwords for those devices.
Since the hard-coded password has the same format for all the mentioned devices, the firmware for all the above routers seems to manufactured by the same company.
Read More
source: www.techworm.net
