Dns not updating from dhcp 2016
In February 2016, they went after Asus for their insecure routers.
It's not clear if the vulnerability is on the LAN side, WAN side or both. It has a remote code execution flaw that is exploitable over the LAN by default or over the WAN if remote administration is enabled.The first Netgear advisory listed 18 vulnerable devices. As things stand now, there are 31 vulnerable models, 18 of which are patched.However, Trustwave warns that one of the models listed as not vulnerable (DGN2200v4) is, in fact, vulnerable. Netgear now has a new procedure for handling reports about flaws in their software.A lawsuit alleges that D-Link "failed to take reasonable steps to protect their routers and IP cameras from widely known and reasonably foreseeable risks of unauthorized access." D-Link is also accused of misleading the public about the security of their devices.This is the second time the FTC has gone after insecure routers.DECEMBER 2016 Scam Android apps attack routers with default passwords Switcher: Android joins the attack-the-router clubby Nikita Buchka of Kaspersky Labs December 28, 2016 As router attacks go, this is small potatoes.
Victims have to install the scam Android apps manually, they are not in the Play store. Switcher changes the DNS servers in the router, something that can be detected, even though the author of this report fails to point this out (see the Tests page).
Thailand ISP ignores router flaws Router vulnerabilities disclosed in July remain unpatchedby Michael Mimoso of Kaspersky Threatpost January 17, 2017 The first sentence of this article is all you need to read: "Details on serious vulnerabilities in a number of routers freely distributed by a major Thai ISP were published on Monday after private disclosures made to the vendors in July went unanswered." As I say elsewhere on this site, don't use a router provided by your ISP.
True Online, the largest broadband company in Thailand, gives their customers three buggy routers: Zy Xel P660HN-T v1, Zy Xel P660HN-T v2 and Billion 5200 W-T.
Multiple bugs (default admin accounts and command injection vulnerabilities) were found and disclosed by Pedro Ribeiro of Agile Information Security.
Most of the vulnerabilities can be exploited remotely, some without authentication.
And, it only impacts TP-Link routers with default passwords. Its only newsworthy as the first Android apps to attack routers.