Sponsor for PC Pals Forum

Author Topic: TP-Link router exploit spotted in the wild  (Read 3205 times)

Offline Simon

  • Administrator
  • *****
  • Posts: 78010
  • First to score 7/7 in Quiz of The Week's News 2017
TP-Link router exploit spotted in the wild
« on: October 31, 2013, 22:15 »
Certain TP-Link wireless routers feature a vulnerability that leaves them open to DNS hijacking attacks, a researcher has found.

Researcher Jakob Lell uncovered the cross-site request forgery flaw, which could allow attackers to manipulate a vulnerable router's upstream DNS server when a user browses to a malicious site.

Lell said he had found five different websites hosting the exploit and said there were likely to be more. He didn't reveal which sites had been affected and said it wasn't clear what the attackers planned on doing with the malicious servers.

Lell's disclosure comes after another researcher warned that many domestic wireless routers contain unpatched security holes.

D-Link, Tenda and Netgear were all forced to issue patches in response to flaws that could allow hackers to bypass their routers' authentication bypass processes. However, none of the researchers who disclosed the flaws said they had found real-world examples of the exploits.

Read more: http://www.pcpro.co.uk/news/security/385105/tp-link-router-exploit-spotted-in-the-wild
Many thanks to all our members, who have made PC Pals such an outstanding success!   :thumb:

Offline Clive

  • Administrator
  • *****
  • Posts: 75246
  • Won Quiz of the Year 2015,2016,2017, 2020, 2021
Re: TP-Link router exploit spotted in the wild
« Reply #1 on: October 31, 2013, 22:34 »
I had better leave my router on tonight to get the patch. I'm still using the netgear. 


Show unread posts since last visit.
Sponsor for PC Pals Forum