D-Link and Comba Router Flaws Leaking Credentials
Researchers have discovered vulnerabilities in D-Link and Comba Telecom routers that can leak passwords for the devices and can affect every user on the networks that use them for access. Trustwave SpiderLabs Security Researcher, Simon Kenin, discovered the vulnerabilities: two in a D-Link DSL modem used to connect a home network to an ISP, and three in several Comba Telecom WiFi devices. They all involve insecure credential storage, including three where cleartext credentials are available to any user with network access to the device.
A router controlled by hackers can manipulate how users resolve DNS hostnames to direct them to malicious websites. The router can deny access in and out of the network, blocking users from accessing important resources or blocking others from accessing your website. The two D-Link flaws affect the DSL-2875AL and the DSL-2875AL and the DSL-2877AL. The Comba flaw affects the AC2400 Wi-Fi Access Controller, and the AP2600-I WiFi Access Point.
Trustwave made several to notify both companies of the flaws but didn't get any response. Their lack of response suggests a persistent problem with device makers neglecting to take outside security recommendations seriously. D-Link eventually confirmed that it patched its affected devices but have yet to be verified. Comba, on the other hand, hasn't even responded and it remains unknown whether the company is working on patches.
Users of these routers and access points should verify that they have up to date firmware and should use internal filtering controls to limit access to the web based management.