"Vulnerabilities in D-Link, Comba Routers Can Leak Credentials"

Security researchers at Trustwave SpiderLabs found five vulnerabilities in D-Link and Comba Telecom routers. D-Link DSL modems contain two security flaws, while Comba Telecom Wi-Fi devices were discovered to contain three vulnerabilities. According to the researchers, all of these vulnerabilities derive from the insecure way in which credentials are stored. Three of the vulnerabilities could allow anyone with network access to the router to view a user’s password in cleartext. In addition, the exploitation of these vulnerabilities could enable attackers to direct users to malicious websites, block users’ access to important resources, and more. This article continues to discuss what attackers can do through the abuse of the security flaws, Trustwave's disclosure of these vulnerabilities, and the common problem with device manufacturers not accepting security problems highlighted by third-party researchers. 

Threatpost reports "Vulnerabilities in D-Link, Comba Routers Can Leak Credentials"