• CONTEST ALERT - Experience the power of DDR5 memory with Kingston Click for details

Treacherous backdoor found in TP-Link routers

RCuber

The Mighty Unkel!!!
Staff member
Security experts in Poland have discovered a treacherous backdoor in various router models made by TP-Link. When a specially crafted URL is called, the router will respond by downloading and executing a file from the accessing computer, reports Michał Sajdak from Securitum.

The expert says that when a browser sends an HTTP GET request to 192.168.0.1/..........., the contacted router will establish a connection back to the visitor's IP and contact any TFTP server there. It will retrieve a file called nart.out from the TFTP server and execute it as root.

However, this normally only works within a local network; an indirect exploit such as a CSRF attack should fail because the required TFTP server must be accessible within the LAN.

Full article here
 

Vignesh B

Youngling
Hmm, that's sad.
But the worst part is that, TP-Link is not accepting this bug.
Anyway, any work-around is there to prevent an attack?
 
Top Bottom