[Berlin-wireless] [SANOG] TP-Link lose control of their domain that's used to configure CPE online (fwd)
Marlen Caemmerer
nosy at c-base.org
Mi Jul 6 14:31:10 CEST 2016
Falls irgendwer die Originalfirmware von TP-Link nutzt...
---------- Forwarded message ----------
Date: Wed, 6 Jul 2016 13:16:26
From: Suresh Ramasubramanian <suresh at hserus.net>
To: sanog at sanog.org
Subject: [SANOG] TP-Link lose control of their domain that's used to configure
CPE online
According to this bugtraq post –
http://seclists.org/bugtraq/2016/Jul/3
They apparently used a fake domain tplinklogin.net – but forgot to register it in their name, and someone’s finally gone and registered it.
The domain is currently parked but can potentially be bought or otherwise taken over by an attacker.
And tp-link is an extremely common brand of wifi router sold in Indian / subcontinent stores.
SPs may want to block traffic to the domain www.tplinklogin.net till this is resolved.
--srs
_______________________________________________
sanog mailing list
sanog at sanog.org
https://lists.sanog.org/mailman/listinfo/sanog
Mehr Informationen über die Mailingliste Berlin