[轉貼]totolink routers被爆設有後門

http://technews.tw/2015/07/23/totolink-backdoor/
...TotoLink 總共有二十台不同機型的路由器會受到該後門影響,可以藉由遠端執行程式碼侵入,包括 XSS 和 CSR 類型的漏洞,能夠藉由 HTTP 請求或是 DHCP 請求就繞過管理員權限認證。這次爆出的漏洞已經存在多時,甚至六年前的機種也存在漏洞...


至於epc曾經紅極一時嘅A2004NS
https://threatpost.com/totolink- ... srf-rce-bugs/113816
...TotoLink actually updated the firmware for a dozen different router models this past Monday. While the two researchers point out the company appears to have silently fixed the HTTP RCE in the A2004NS and EX750 routers, the issues in the other routers still remain...


更多資料,請睇發現者個網站
http://pierrekim.github.io/index.html

睇過貌似刷韓版iptime ROM都會中招

totolink有沒辦法刷dd wrt or openwrt?不想比人監控

TOP

It affects 4 TOTOLINK products (firmwares come from totolink.net and from totolink.cn):

- G150R-V1 : last firmware 1.0.0-B20150330 (TOTOLINK-G150R-V1.0.0-B20150330.1734.web)
- G300R-V1 : last firmware 1.0.0-B20150330 (TOTOLINK-G300R-V1.0.0-B20150330.1816.web)
- N150RH-V1 : last firmware 1.0.0-B20131219 (TOTOLINK-N150RH-V1.0.0-B20131219.1014.web)
- N301RT-V1 : last firmware 1.0.0 (TOTOLINK N301RT_V1.0.0.web)

TOP

回覆 3# VV


    請問師兄點樣可以check到自己隻totolink有無中招?

TOP

回覆  VV


    請問師兄點樣可以check到自己隻totolink有無中招?
sniperbb 發表於 2015-7-23 20:53



    簡單d 睇個list 中唔中......

TOP

本帖最後由 supergag 於 2015-7-23 22:32 編輯
回覆  VV


    請問師兄點樣可以check到自己隻totolink有無中招?
sniperbb 發表於 2015-7-23 20:53


韓版已出新版firmware,更新最新版先無事

TOP

回覆 6# supergag

幾昤至出英文版?

TOP

仲有其他問題
1. http://pierrekim.github.io/blog/ ... -multiple-RCEs.html

The DHCP RCE also affects 2 TOTOLINK products from 2009-era firmwares to the latest firmwares with the default configuration:

- - TOTOLINK A2004NS : until last firmware (9.60 - za2004s_en_9_60.bin)

仲有其他問題
2. http://pierrekim.github.io/blog/ ... -RCE-with-DHCP.html
127 ipTIME router models vulnerable to an unauthenticated RCE by sending a crafted DHCP request
呢個9.72已fix

TOP

本帖最後由 Pikachu 於 2015-7-24 04:15 編輯

Sorry, 新聞來源重覆了

(Unwire.pro 報導原來也是來自technews)

因而刪掉

TOP

Dlink也有類似問題
尚好我用的model沒被監控

TOP