Firmware Upgrade Required for Selected Tenda Routers
During the course of last week (5-11 Oct 2020), there were a few reports globally of a security flaw in some of Tenda's Routers, specifically the following models:
The Security Vulnerability ExplainedThis only affects the above-mentioned routers when using the Remote Management feature via port 8080 with a public-facing IP address on the WAN port. Attackers are able to to use special commands to bypass device authentication and potentially make changes to router parameters which include device settings or even prevent the device from operating further by removing the boot flash.
How to Prevent or Fix the Security VulnerabilityIn response, Tenda has released new firmware to patch this vulnerability across affected routers which is available via 'Over the Air' (OTA).
Over the Air UpdateStep 1: Ensure the device is connected to the Internet.
Step 2: Once logged into the unit, you will be prompted for the latest version of firmware. Select Upgrade.
Need Assistance?If you have been a victim of an attack and unable to access your router, please contact support[@]scoop.co.za for assistance.
Blog post by Timothy Symonds