VULHUB ™

The Dynalink RTA 230 ADSL router is reported susceptible to a default backdoor account vulnerability. It is reported that the firmware contains a backdoor account. This account is not visible or modifiable from the web administration interface. Both the web configuration application and the telnet service are not listening on the WAN interface by default. Attackers with network access to internal interfaces of the device can gain complete access to a vulnerable access point by using the default credentials. Other devices utilizing similar firmware may also be affected, but this has not been confirmed. Other potential devices reported are: - US Robotics 9105 and 9106 - Siemens SE515 - Buffalo WMR-G54

The Dynalink RTA 230 ADSL router is reported susceptible to a default backdoor account vulnerability. It is reported that the firmware contains a backdoor account. This account is not visible or modifiable from the web administration interface. Both the web configuration application and the telnet service are not listening on the WAN interface by default. Attackers with network access to internal interfaces of the device can gain complete access to a vulnerable access point by using the default credentials. Other devices utilizing similar firmware may also be affected, but this has not been confirmed. Other potential devices reported are: - US Robotics 9105 and 9106 - Siemens SE515 - Buffalo WMR-G54