Multiple security flaws in Comtrend router

20 May 2014 by Antonio Vázquez Blanco


Last summer I've been playing with an old access point I found among my unused devices. Although this is far away from being a top selling device I decided to investigate a bit in order to find security flaws on it.

I've downloaded the latest binary firmware for it and analysed it. This along some other information retrieved by the UART port inside it lead to a discovery of security flaws in the web interface.

Future posts will explain how I was able to interface the UART port and some basis of firmware analisys. I hope you will find them interesting.

More information can be found in the following links:

comments powered by Disqus