PETALING JAYA: Subscribers to Telekom Malaysia Bhd’s high-speed broadband service UniFi are vulnerable to exploitation due to a router setting that leaves it open to outside attack.
A hacker could take control of the router remotely and could, for instance, surf using the owner’s account, open ports that could leave the computer vulnerable to further attacks and spy on the user’s Internet activities.
“rizvanrp,” who posts on the LowYat Forum (bit.ly/bm6Eqe) discovered the vulnerability and went public with it on May 29. His discovery was also posted on Twitter.
According to him, the vulnerability is due to TM leaving each router’s remote management capability switched on, thus making it possible for others to remotely access the router using a username and password that is now easily found on the Internet.
A check by In.Tech at a UniFi user’s home in Damansara Jaya confirmed that the vulnerability exists and that the username and password are indeed available on the Web.
With these we were able to gain full access to the router from within the local network. We did not, however, try to access the router from outside the local network.
Having said that, to be able to access the router from outside the local network, the hacker would need to know the device’s WAN IP (wide area network Internet protocol) address.
Or the hacker could gain access via the user’s WiFi network by discovering the network password.
According to networking experts, while this is possible, it is quite unlikely that a hacker would be successful.
In his post, rizvanrp said that disabling the router’s remote management function would stop anyone from outside the local network from accessing the router settings.
TM said it is aware of the situation and is preparing an official response.
Did you find this article insightful?