Researchers Find Severe, Currently Unpatched Tenda Powerline Extender Vulnerabilities

Security researchers found multiple vulnerabilities in the Tenda PA6 Wi-Fi Powerline extender, which would allow attackers to take complete control over the device and make it part of an IoT botnet, at the very least.

Powerline communications have been around for more than a decade, but they never really caught on at a large scale. That’s not to say tit’s not used in many parts of the world, and quite a few organizations govern the standards used.

Security researchers from X-Force Red found a number of vulnerabilities within the Tenda PA6 Wi-Fi Powerline extender, which uses the HomePlug standard. The biggest problem is the security of the device, as the authentication layer uses a very weak generic password.

“The first two flaws we discovered could potentially allow a remote attacker to gain complete control over the device,” say the researchers. “While authentication should provide a layer of security, this is not the case, here, as the device is only protected with a weak, default password.

“A compromised device can become part of an internet of things (IoT) botnet that launches distributed denial-of-service (DDoS) attacks, used to pivot to other connected devices, leveraged to mine for cryptocurrency or used in various other unauthorized ways,” they added.

The three vulnerabilities, CVE-2019-16213, CVE-2019-19505 and CVE-2019-19506, include remote code execution, buffer overflow and vulnerability to DDoS attacks.

As with many other devices exposed directly to the Internet, users should immediately change the default password of the device, which unfortunately is not always the case. The problem with this device is that the company that makes it hasn’t responded to messages, and it’s unclear whether they are working on a patch or a new firmware.

This means that the Tenda PA6 Wi-Fi Powerline extender, running the firmware, is currently vulnerable, and users have no real means of mitigating the threat.

Add Comment

Your email address will not be published. Required fields are marked *