Solidot: 友讯科技发布补丁修复旧路由器的关键漏洞

Solidot

奇客的资讯，重要的东西

友讯科技发布补丁修复旧路由器的关键漏洞
http://solidot.org.feedsportal.com/c/33236/f/556826/s/345a112f/sc/28/l/0L0Ssolidot0Borg0Cstory0Dsid0F37467/story01.htm
Dec 3rd 2013, 03:01

友讯科技（D-Link）发布了一系列旧型号路由器的固件补丁，修复今年10月发现的能绕过身份验证的关键漏洞。嵌入式设备安全研究员Craig Heffner发现，如果浏览器User Agent String包含特殊的字符串"xmlset_roodkcableoj28840ybtide"，攻击者将可以绕过密码验证直接访问路由器的Web界面，浏览和修改设置。友讯科技随后证实了该漏洞，它建议用户不要启用远程管理功能。This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.



You are receiving this email because you subscribed to this feed at https://blogtrottr.com

If you no longer wish to receive these emails, you can unsubscribe here:
https://blogtrottr.com/unsubscribe/cz0/jPbdSR