D-Link and Comba’s Networking devices contain Bugs, may leak Passwords

D-Link and Comba networking gears are the most widely used devices throughout the globe. D-Link is one of the trusted brands in India for routers and dongles. Comba’s network extenders are widely used in offices and organizations that require a WiFi coverage extension to handle a large number of users.

In recent reports, the networking gears of these companies were detected with certain bugs. These bugs can retrieve sensitive information like ISP credentials and device access passwords without any authentication. D-Link router’s complete settings can be manipulated by simply accessing ‘romfile.cfg’ file. There is no authentication required for accessing such sensitive data and the WiFi password is stored as plain text without any encryption.

Comba’s WiFi access controller and indoor access point devices contain certain bugs. To retrieve sensitive data from these devices, no authentication is required. The data can be simply accessed by sending a crafted request to the web management server and downloading the configuration file, or by accessing the HTML page of the web administration console.

Using WiFi is very common these days and almost every household and office has one. There are multiple devices like PCs, smartphones, etc. that are connected to WiFi and have sensitive user data. If the WiFi source contains bugs and can be accessed by attackers, then all the connected devices and their data are in threat too.

NPAV recommends keeping your WiFi connection secure by using a strong password and changing it at regular intervals.

Use NPAV Total Security for better protection.

Sharing is caring!

Leave a Reply

Your email address will not be published. Required fields are marked *