Manufacturers seem not to care – some routers still awaiting patches
DSL modems and Wi-Fi routers from D-Link and Comba have been found to be leaving owners' passwords out in the open.
Simon Kenin, a security researcher with Trustwave SpiderLabs, took credit for the discovery of five bugs that leave user credentials accessible to attackers.
For D-Link gear, two bugs were discovered in the firmware for the DSL-2875AL and DSL-2877AL wireless ADSL modem/router. The first bug describes a configuration file in the DSL-2875AL that contains the user password, and does not require any authentication to view: you just have to be able to reach the web-based admin console, either on the local network or across the internet, depending the device's configuration.
"This fi ..
Support the originator by clicking the read the rest link below.
