Tenda Wireless Routers Feature Backdoor
Some wireless router models produced by Chinese company Tenda Technology are vulnerable to remote attacks, says Craig Heffner, the researcher who also spotted the backdoor in D-Link routers.
Unpacking the firmware update for the Tenda networking kit, Heffner found “suspicious code” that enables an unauthorized person to highjack the router “by sending a UDP packet with a special string.”
Apparently the bug is in the httpd component, where the MfgThread() function deploys a backdoor that can execute commands from remote C&C centers. Basically, once a remote attacker gets into the local network, he can send commands with root privileges to the device.
“The backdoor only listens on the LAN, thus it is not exploitable from the WAN. However, it is exploitable over the wireless network, which has WPS enabled by default with no brute force rate limiting,” Heffner writes in an advisory.
According to Heffner`s research, the vulnerable router models are Tenda`s W302R and W330R along with the rebranded Medialink MWN-WAPR150N.
Early this year, Cisco-powered Linksys routers were also found vulnerable to unauthorized remote access, where an attack could seize root privileges on the device. The bug affected both new and older versions of Linksys firmware. In February, DIR-600 and DIR-300 of D-Link routers allowed hackers to redirect Internet traffic and even change users` device passwords.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
Mobile security threats: reality or myth?
June 13, 2021
FOLLOW US ON
You might also like
July 23, 2021
July 22, 2021
July 20, 2021