uClibc and uClibc-ng consumer router flaw

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

uClibc and uClibc-ng consumer router flaw

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
uClibc and uClibc-ng consumer router flaw
uClibc and uClibc-ng consumer router flaw
2022-05-10 04:09:49
Model: Deco M5  
Hardware Version: V3
Firmware Version: 1.5.7

Just read an article that discusses a flaws in the DNS request system of many home routers and want to know if these routers are affected by this now in the public flaw?

 

 

The flaw
Nozomi Networks revealed a flaw in the third-party code library (uClibc and uClibc-ng) used by major vendors such as Linksys, Netgear and Axis. Hackers can exploit this vulnerability to force a router to connect to a malicious site or server by “poisoning” Domain Name System (DNS) requests.


The vulnerability is unpatched as of now.

  1      
  1      
#1
Options
1 Reply
Re:uClibc and uClibc-ng consumer router flaw
2022-05-11 03:10:20

  @Marlenus 

Thank you very much for the feedback.

This report also catches our attention the moment it has been publicly disclosed.

Currently, TP-Link is investigating and will keep updating the security advisory as more information becomes available.

Thanks again.

Best regards.

 

  0  
  0  
#2
Options