Logic security flaw in TP-LINK - tplinklogin.net
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Logic security flaw in TP-LINK - tplinklogin.net
- From: Info@xxxxxxxxxxxx
- Date: Fri, 1 Jul 2016 11:00:51 GMT
TP-LINK forgot to buy the domain www.tplinklogin.net, which is being used to
configure many of their hardware devices, such as routers.
The domain is available to buy via escort service, so a potential attacker can
get it; it's all about money.
There is an unknown holder who has the domain right now, and who has been
confirmed to be outside the company.
As of now, the company has decided to make minor fixes. Yet they don't want to
buy the domain from the unknown seller, for now.
I've contacted the Chinese CERT, the US-CERT, the Israeli CERT and the company.
The logic behind using a domain in the first place, instead of an IP address,
is the main problem here; forgetting to buy the domain is the second mistake.
While checking how many users are trying to use it, I realized that this
is affecting plenty of people.
My advice is to have the domain blocked by the ISP.
It seems that some people understood that the service is not good and
complained about it online; however, I didn't see a publication concerning the
security effect of the issue.
I hope this mistake won't happen again.
Amitay Dan
CEO at Cybermoon
For more info please follow:
www.cybermoon.cc
www.amitaydan.com
@popshark1
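
Added example, not part of the original post: before or alongside blocking the domain at a resolver, an operator can check resolver logs for clients whose lookups of tplinklogin.net were answered with an address outside the LAN, i.e. by whoever holds the public domain. The log format, the sample lines and the assumption that a router answering for the name itself returns an RFC 1918 address are constructed for illustration.

```python
import ipaddress

# Domain named in the advisory; subdomains such as www. are matched too.
WATCHED = "tplinklogin.net"

# Explicit RFC 1918 ranges. ipaddress's is_private is not used because it also
# treats documentation ranges (e.g. 203.0.113.0/24) as private.
LAN_NETS = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample log, hypothetical format: time client qname answer
SAMPLE_LOG = """\
2016-07-01T11:02:10Z 192.168.0.101 tplinklogin.net 192.168.0.1
2016-07-01T11:02:44Z 10.20.0.15 www.tplinklogin.net 203.0.113.77
2016-07-01T11:03:05Z 10.20.0.15 example.org 198.51.100.9
2016-07-01T11:04:30Z 10.20.0.23 TPLINKLOGIN.NET. 203.0.113.77
2016-07-01T11:05:00Z 10.20.0.40 nottplinklogin.net 203.0.113.80
2016-07-01T11:05:12Z 10.20.0.41 tplinklogin.net NXDOMAIN
"""

def is_watched(qname):
    """Match the domain and its subdomains, ignoring case and a trailing dot."""
    name = qname.rstrip(".").lower()
    return name == WATCHED or name.endswith("." + WATCHED)

def classify(answer):
    """Return 'local', 'external', or 'no-address' for a logged answer field."""
    try:
        addr = ipaddress.ip_address(answer)
    except ValueError:
        return "no-address"  # NXDOMAIN or other non-address result
    if any(addr in net for net in LAN_NETS):
        return "local"       # assumed: answered by the router on the LAN
    return "external"        # resolved on the public Internet

def external_lookups(log_text):
    """Collect lookups of the watched domain that got a non-LAN address."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, client, qname, answer = parts
        if is_watched(qname) and classify(answer) == "external":
            hits.append((ts, client, qname.rstrip(".").lower(), answer))
    return hits

if __name__ == "__main__":
    for hit in external_lookups(SAMPLE_LOG):
        print("external answer:", *hit)
```

After a resolver-level block is in place, the same lookups should show up as "no-address" results instead of external ones.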