Various home router manufacturers use very weak passwords, which can also be determined remotely.
According to the report, the following are affected Golem.com Router of the following manufacturers: Asus, Digicom, Observa Telecom, Philippine Long Distance Telephone (PLDT) and ZTE - the attack vector is quite simple. The password consists of the last four digits of the MAC address plus the word "airocon“. The corresponding user account is ".admin“.
Since the MAC address can also be queried remotely via the SNMP interface, it is very easy for an attacker to determine the corresponding username/password combination and gain access to one of the affected routers. Some router manufacturers such as ZTE have already been informed about the gapbut there are no updates yet.
The only solution currently available is to disable Telnet access and the SNMP interface via the router's firewall. You probably don't have to hope for an update after it has been known for several years. AVM offers an alternative with more frequent updates and fast reaction in case of security holes with the Fritz!Box series in different price ranges.
The contribution Security vulnerability found in home router passwords is first on routerzwang.de and was published by fjeromin ...written.