News

Lek gave access to routers of millions of Germans

By admin
Spread the love

German developer Alexander Graf found passwords in the memory of his own router. These gave access to the maintenance network of Vodafone subsidiary Kabel Deutschland. This allowed him to look around unhindered on the routers of 2.8 million Germans.

Alexander Graf discovered the vulnerability when he searched his own router for the credentials for his VoIP access, which he wanted to use to connect his own hardware. He found a clogged network connection called wan0, which turned out to be part of the German provider’s maintenance network. Through this network he was able to access the routers of 2.8 million other users via telnet and later via ssh. The access passwords of these routers were partly stored in plaintext in the memory of its own router. These were the same for all devices.

He was then able to run arbitrary code on the routers with root access. As a result, he could also find out the passwords of other users and use their connection and make calls at their expense. He decided to inform the provider and it responded within a month saying that it had isolated the users on the maintenance network from each other. According to the Heise site, the leak could have existed for ten years. Graf will present his findings next week at the 32nd Chaos Communication Congress in Hamburg.

You might also like
News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Meta introduces open source language model Llama 2, works on PCs and phones

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory

News

Logitech acquires stream controller maker Loupedeck

News

Igor’s Lab shares specs LGA1851 socket Arrow Lake: PCIe 5.0 SSDs and more pins

News

‘AMD wants to sell Radeon RX 7700 and RX 7800 series from September’