TrueOnline routers could be easily exploited by hackers, expert warns


A series of security vulnerabilities have been discovered in the routers freely distributed by Thailand ISP TrueOnline.

Security researcher Pablo Ribeiro from Agile Information Security went public with details of the security flaws because he claims vendors have not responded after warning them of the issue back in July 2016.

The three affected devices include rebranded ZyXEL and Billion routers with model numbers ZyXEL P660HN-T v1 (distributed up to 2013) and the ZyXEL P660HN-T v2, as well as the Billion 5200W-T, which is the current default unit TrueOnline gives to new customers.

Ribeiro warned that the routers are vulnerable to “command injection”, meaning that users could fall victim if hackers send them a malicious link that is then used to take complete control of the device.

Last month Ribeiro published a security advisory detailing the security vulnerabilities in full.

“TrueOnline is a major Internet Service Provider in Thailand which distributes various rebranded ZyXEL and Billion routers to its customers. Three router models – ZyXEL P660HN-T v1, ZyXEL P660HN-T v2 and Billion 5200W-T – contain a number of default administrative accounts, as well as authenticated and unauthenticated command injection vulnerabilities in their web interfaces, mostly in the syslog remote forwarding function.” reads the advisory. “All the routers are still in widespread use in Thailand, with the Billion 5200W-T router currently being distributed to new customers.”

It remains unclear if a security patch has been issued for the vulnerabilities affecting TrueOnline routers.

H/T: The Register


Comments are closed.