DSL routers prone to remote hacking, says Carnegie Mellon University CERT report

It appears that hackers have found vulnerabilities in a number of DSL routers from four major manufacturers that allow the devices to be accessed remotely via a hidden administrator account. An alert issued by the CERT Coordination Center (CERT/CC) at Carnegie Mellon University revealed that DSL routers from Asus, Digicom, Philippine Long Distance Telephone (PLDT), and ZTE are affected by this issue.

What's common about these devices is that the majority of them have a user name corresponding to the hard-coded password listed as "admin," while PLDT's SpeedSurf 504 DSL router is "adminpldt." CERT said that a hacker can use these credentials to get administrator access to the affected devices over their telnet service.

Although a separate group of researchers last year revealed the vulnerability in the ZTE ZXV10 and W300 routers and in May for the Observa Telecom RTA01N, only recently did CERT find that the other devices were also affected. ComputerWorld article

FREE DAILY NEWSLETTER

Like this story? Subscribe to FierceTelecom!

The Telecom industry is an ever-changing world where big ideas come along daily. Our subscribers rely on FierceTelecom as their must-read source for the latest news, analysis and data on the intersection of telecom and media. Sign up today to get telecom news and updates delivered to your inbox and read on the go.

Suggested Articles

Flume has launched with the goal of providing fast, affordable internet connections to at least 600,000 low-income residents in New York City.

Comcast announced that its Comcast RISE program is providing more than 700 Black-owned businesses support including technology upgrades.

IBM is planning to cull about 10,000 jobs in Europe in order to lower costs ahead of its split into two businesses.