Not so long ago, I became the proud owner of a TP-LINK TL-WR340GD wireless router. Over two months of use, the router showed only its best side, repeatedly justifying its low price.
But I felt “sharp fluctuations in the Force” and decided to test this router for one vulnerability. My instinct did not let me down. Spoiler: always change the default settings of the router!
The admin panel of the router is controlled by GET requests. This means that by placing, say, the link
http://admin:admin@192.168.1.1/userRpm/SysRebootRpm.htm?Reboot=Reboot
in the src attribute of an img tag, we will reboot the router of anyone who has not changed the initial settings. Partly for this reason, I will not show the finished “picture”. The same applies to all the other controls, except, perhaps, firmware flashing.
What can this lead to? Full control of the router! In addition, with a few simple actions, an attacker can enable remote management of the router and report the victim's IP address to their own server, or change the route to the VKontakte server and, using phishing that will be hard to detect, force the victim to install a trojan. And all because someone was too lazy to change the default settings...
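A defensive check for the pattern described above, as an added example that is not part of the original post: it scans a page's HTML for tags the browser fetches automatically and flags URLs that point at a private address, especially with credentials embedded in the URL. The function names, the sample page and the placeholder path in it are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# (tag, attribute) pairs a browser fetches automatically, without a click.
AUTO_FETCH = {("img", "src"), ("iframe", "src"), ("script", "src"), ("link", "href")}


def is_internal_host(host):
    """True for literal private, loopback or link-local IP addresses."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return False  # a hostname, not an IP literal; it is not resolved here
    return ip.is_private or ip.is_loopback or ip.is_link_local


class _Scanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) not in AUTO_FETCH or not value:
                continue
            try:
                url = urlsplit(value.strip())
            except ValueError:
                continue  # malformed URL, nothing to classify
            if url.scheme not in ("http", "https") or not is_internal_host(url.hostname or ""):
                continue
            reasons = ["internal-address"]
            reasons += ["embedded-credentials"] if url.username is not None else []
            reasons += ["query-parameters"] if url.query else []
            self.findings.append((tag, url.hostname, url.path, reasons))


def scan_html(html):
    """Return (tag, host, path, reasons) for each suspicious auto-fetched URL."""
    scanner = _Scanner()
    scanner.feed(html)
    return scanner.findings


# Constructed sample page; the path and parameter are placeholders.
SAMPLE = """
<img src="https://cdn.example.com/cat.jpg">
<img src="http://user:pass@192.168.1.1/placeholder/Action.htm?Do=1" width="1">
<a href="http://192.168.1.1/">my router</a>
"""
```

The plain link in the sample is not flagged because it needs a click; the check covers only requests the browser makes on page load.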
PS: If you use a router from another company, please check it for a similar vulnerability. I will be glad to see this and other useful information in the comments.