DSL routers prone to remote hacking, says Carnegie Mellon University CERT report

It appears that hackers have found vulnerabilities in a number of DSL routers from four major manufacturers that allow the devices to be accessed remotely via a hidden administrator account. An alert issued by the CERT Coordination Center (CERT/CC) at Carnegie Mellon University revealed that DSL routers from Asus, Digicom, Philippine Long Distance Telephone (PLDT), and ZTE are affected by this issue.

What's common about these devices is that the majority of them have a user name corresponding to the hard-coded password listed as "admin," while PLDT's SpeedSurf 504 DSL router is "adminpldt." CERT said that a hacker can use these credentials to get administrator access to the affected devices over their telnet service.

Although a separate group of researchers last year revealed the vulnerability in the ZTE ZXV10 and W300 routers and in May for the Observa Telecom RTA01N, only recently did CERT find that the other devices were also affected. ComputerWorld article

Suggested Articles

Deutsche Telekom's T-Systems subsidiary has deployed VMware's disaster-recovery-as-a-service platform on its Dynamic Services for Infrastructure (DSI…

Google is investing 3 billion euros ($3.3 billion) to expand the company's data footprint across Europe over the next two years.

When it comes to its fiber deployments, Verizon is hitting its stride, according to Verizon Chairman and CEO Hans Vestberg.