Computer Emergency Response Team of Azerbaijan warns TP-Link router users
The Computer Emergency Response Team (CERT), functioning under the State Agency for Special Communications and Information Security of the Special State Protection Service of Azerbaijan, has issued a warning to users of TP-LINK routers, according to an announcement from CERT shared on Wednesday.
According to the announcement, TP-LINK routers contain a backdoor that allows hackers a simple and effective way of unauthorized access to user devices. A user performs a HTTP-request to the following address: http://192.168.0.1/userRpmNatDebugRpm26525557/start_art.html
The router connects to the IP-address that has made the request and tries to find a TFTP-server.
If the TFTP-server is found, the router downloads the file "nart.out". The downloaded file is run with the privileges of a root-user. The backdoor includes the following router models: TL-WDR4300, TL-WR743ND (v1.2 v2.0). However, this list may be incomplete.
According to CERT, vulnerability has not yet been resolved.
Here we are to serve you with news right now. It does not cost much, but worth your attention.
Choose to support open, independent, quality journalism and subscribe on a monthly basis.
By subscribing to our online newspaper, you can have full digital access to all news, analysis, and much more.
You can also follow AzerNEWS on Twitter @AzerNewsAz or Facebook @AzerNewsNewspaper
Thank you!