Security Affairs
Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|Hidden Tenda Router Backdoor Grants Admin Access, No Patch Available|AI-Generated Malware Powers New Armored Likho APT Campaign|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

CERT warns of hard-coded credentials in home routers

DSL home routers from a number of vendors contain hard-coded credentials that could allow a hacker to hijack the network devices via telnet services. A bunch of home gateway vendors, presumably sourcing their firmware from the same place, can be hijacked using depressingly common hard-coded logins. Experts from the Carnegie-Mellon CERT discovered that a number of home […]

CERT warns of hard-coded credentials in home routers

DSL home routers from a number of vendors contain hard-coded credentials that could allow a hacker to hijack the network devices via telnet services.

A bunch of home gateway vendors, presumably sourcing their firmware from the same place, can be hijacked using depressingly common hard-coded logins.

Experts from the Carnegie-Mellon CERT discovered that a number of home routers from various vendors comes with hard-coded credentials that could be  used to hijack the devices.

home routers ASUS

On Tuesday, the CERT at the Software Engineering Institute at Carnegie Mellon University issued an advisory confirming the serious security issued in the home routers and invited organizations to write firewall rules that block telnet or SNMP on the device as a temporary measure to mitigate the threat.

“A remote attacker may utilize these credentials to gain administrator access to the device,” states the CERT advisory

The list of vendors includes ASUS and ZTE in Asia, and Digicom, Observa Telecom, and carrier Philippine Long Distance Telephone (PLDT). All the devices analyzed by the researchers have the “XXXXairocon” as default telnet password, where the “XXXX” is the MAC address of the home router.  All the home routers except the PLDT devices have admin as default username, while the PLDT username is adminpldt.

“The vulnerability was previously disclosed in VU#228886 and assigned CVE-2014-0329 for ZTE ZXV10 W300, but it was not known at the time that the same vulnerability affected products published by other vendors. The Observa Telecom RTA01N was previously disclosed on the Full Disclosure mailing list.”

According to the researchers the affected home routers are:

Unfortunately all the devices are still unpatched, waiting a firmware update the CERT recommends blocking telnet and SNMP ports.

“Enable firewall rules so the telnet service of the device is not accessible to untrusted sources. Enable firewall rules that block SNMP on the device.” suggest the advisory.

Pierluigi Paganini

(Security Affairs – home routers, CERT)