Vulnerability in ASUS DSL-N12E router

Forums › New Zealand Broadband › Vulnerability in ASUS DSL-N12E router

freitasm

BDFL - Memuneh
64241 posts

Uber Geek

Administrator

Trusted

Geekzone

Lifetime subscriber

# 179102 26-Aug-2015 11:29

*** Posting here instead of routers subforum as I want a wider audience ***

Vulnerability Note VU#950576

DSL routers, including the ASUS DSL-N12E, DIGICOM DG-5524T, Observa Telecom RTA01N, Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN, and ZTE ZXV10 W300 contain hard-coded credentials that are useable in the telnet service on the device.

In the ASUS, DIGICOM, Observa Telecom, and ZTE devices, the username is "admin," in the PLDT device, the user name is "adminpldt," and in all affected devices, the password is "XXXXairocon" where "XXXX" is the last four characters of the device's MAC address. The MAC address may be obtainable over SNMP with community string public.

My technology disclosure | Digital Transformation | Enterprise Content Management | Customer Relationship Management | Data Insights, Business Intelligence and Advanced Analytics

PeterReader

5702 posts

Uber Geek

Trusted

Geekzone

Lifetime subscriber

# 1374527 26-Aug-2015 11:29

Hello... Our robot found some keywords in your post, so here is an automated reply with some important things to note regarding broadband speeds.

If you are posting regarding DSL speeds please check that

- you have reset your modem and router

- your PC (or other PCs in your LAN) is not downloading large files when you are testing

- you are not being throttled by your ISP due to going over the monthly cap

- your tests are always done on an ethernet connection to the router - do not use wireless for testing

- you read this topic and follow the instructions there.

Make sure you provide information for other users to help you. If you have not already done it, please EDIT your post and add this now:

- Your ISP and plan

- Type of connection (ADSL, ADSL2, VDSL)

- Your modem DSL stats (do not worry about posting Speedtest, we need sync rate, attenuation and noise margin)

- Your general location (or street)

- If you are rural or urban

- If you know your connection is to an exchange, cabinet or conklin

- If your connection is to a ULL or wholesale service

- If you have done an isolation test as per the link above

Most of the problems with speed are likely to be related to internal wiring issues. Read this discussion to find out more about this. Your ISP is not intentionally slowing you down today (unless you are on a managed plan). Also if this is the school holidays it's likely you will notice slower than usual speed due to more users online.

A master splitter is required for VDSL2 and in most cases will improve speeds on DSL connections. Regular disconnections can be a monitored alarm or a set top box trying to connect. If there's an alarm connected to your line even if you don't have an alarm contract it may still try to connect so it's worth checking.

I recommend you read these two blog posts:

- Is your premises phone wiring impacting your broadband performance? (very technical)

- Are you receiving a substandard ULL ADSL2+ connection from your ISP?

I am the Geekzone Robot and I am here to help. I am from the Internet. I do not interact. Do not expect other replies from me.

Aredwood

3885 posts

Uber Geek

Subscriber

# 1374977 27-Aug-2015 01:14

That is pretty bad. Just looking at those names, sounds like at least 1 overseas ISP uses them as their default supplied router. Anyone want to place bets on how long before someone makes a worm that takes over these routers?

Im guessing that Asus is the manufacturer, and the others are rebranded? As some testing of other Asus routers could be needed. Also AFAIK My Republic supply Asus routers. Hope they get tested as worms on fibre connections would be very bad.