DSL routers prone to remote hacking, says Carnegie Mellon University CERT report

It appears that hackers have found vulnerabilities in a number of DSL routers from four major manufacturers that allow the devices to be accessed remotely via a hidden administrator account. An alert issued by the CERT Coordination Center (CERT/CC) at Carnegie Mellon University revealed that DSL routers from Asus, Digicom, Philippine Long Distance Telephone (PLDT), and ZTE are affected by this issue.

What's common about these devices is that the majority of them have a user name corresponding to the hard-coded password listed as "admin," while PLDT's SpeedSurf 504 DSL router is "adminpldt." CERT said that a hacker can use these credentials to get administrator access to the affected devices over their telnet service.

Although a separate group of researchers last year revealed the vulnerability in the ZTE ZXV10 and W300 routers and in May for the Observa Telecom RTA01N, only recently did CERT find that the other devices were also affected. ComputerWorld article

Suggested Articles

Comcast stepped up to the plate in its hometown of Philadelphia by contributing $7 million to help provide free internet to low-income families.

Oracle announced its Oracle Cloud VMware Solution is now available across all of its public cloud regions, and in its Dedicated Region [email protected]

Cogent Communications could be adversely impacted by falling demand for commercial office space, which would mean less demand for corporate VPNs.