[SANOG] TP-Link lose control of their domain that's used to configure CPE online
Suresh Ramasubramanian
suresh at hserus.net
Wed Jul 6 11:16:26 UTC 2016
According to this bugtraq post –
http://seclists.org/bugtraq/2016/Jul/3
They apparently used a fake domain tplinklogin.net – but forgot to register it in their name, and someone’s finally gone and registered it.
The domain is currently parked but can potentially be bought or otherwise taken over by an attacker.
And tp-link is an extremely common brand of wifi router sold in Indian / subcontinent stores.
SPs may want to block traffic to the domain www.tplinklogin.net till this is resolved.
--srs
More information about the sanog
mailing list