TP-Link router exploit spotted in the wild

[Simon]

Certain TP-Link wireless routers feature a vulnerability that leaves them open to DNS hijacking attacks, a researcher has found.

Researcher Jakob Lell uncovered the cross-site request forgery flaw, which could allow attackers to manipulate a vulnerable router's upstream DNS server when a user browses to a malicious site.

Lell said he had found five different websites hosting the exploit and said there were likely to be more. He didn't reveal which sites had been affected and said it wasn't clear what the attackers planned on doing with the malicious servers.

Lell's disclosure comes after another researcher warned that many domestic wireless routers contain unpatched security holes.

D-Link, Tenda and Netgear were all forced to issue patches in response to flaws that could allow hackers to bypass their routers' authentication bypass processes. However, none of the researchers who disclosed the flaws said they had found real-world examples of the exploits.

Read more: http://www.pcpro.co.uk/news/security/385105/tp-link-router-exploit-spotted-in-the-wild

[Steve]

In other words log out of your router once you've used the settings/admin panel.

[Simon]

I thought most of them automatically logged out when you closed the browser session anyway. 

[Steve]

There may be a time limit setting somewhere as well.