Wireless LAN router maker neglects domain renewal and requires 250 million yen from new owner

ByAudioreservoir

Major manufacturers of Wi-Fi access points and home wireless LAN routersTP-LinkIn order to make it easy for users to access the product setting page, we obtain a dedicated domain name and describe it in the product. However, because TP-Link neglected registration renewal of the domain name, the domain name was acquired by another person, and the situation that the new owner is required to return the domain name for 2.5 million dollars (about 250 million yen) It is getting.

Bugtraq: Logic security flaw in TP - LINK - tplinklogin.net
http://seclists.org/bugtraq/2016/Jul/3

TP-Link forgets to register domain name, leaves config pages open to hijack | Ars Technica
http://arstechnica.com/security/2016/07/tp-link-forgets-to-register-domain-name-leaves-config-pages-open-to-hijack/

It is dealing with security products that TP-Link forgot to register the domain name and noticed that the domain name is in the hands of the new ownerCybermoonCEO of Amitay Dan. Mr. Dan said the computer security mailing listBugtraq Mailing List, We publish that the domain name of TP-Link has been acquired by others and upload the image of TP-Link home wireless LAN router to our own Twitter account.

TP-Link forgot to buy the domainhttps://t.co/kggHaY7Xhl
Exploit can be made, the domain is for sell for 2.5 m $Pic.twitter.com/JH7FkHItYU

- Amitay Dan (@ popshark 1)July 1, 2016

The router has an address "tplinklogin.net" for initial setting, a login user name and password, and even when the product is not connected to the Internet at the time of initial setting, it easily moves to the router setting page It has become a mechanism. According to TP - Link, this information is described in TP - Link products sold by 2014.

@ TherealboydchanUnfortunately they stopped communicating., One company already blocked this domainPic.twitter.com/YOMlcg6rx4

- Amitay Dan (@ popshark 1)July 4, 2016

However, in this system, in order to resolve the addressDNS, We have a weak point that it is easy for an attacker to take over. Also, there is a similar vulnerability in the domain name "tplinkextender.net" used for the wireless LAN extension machine of TP-Link.

Analyzing the number of website accessAlexaAccording to the ranking, tplinklogin.net has 4.4 million accesses per month, tplinkextender.net has 800,000 accesses per month, and it continues to be used even after TP-Link lost ownership.

Tplinklogin.net | Alexa ranking & amp; traffic history for 7 years
http://www.rank2traffic.com/tplinklogin.net


It is not known who the owner of the new domain is, but according to Dan, the new owner requests 2.5 million dollars (about 250 million yen) to return the domain name to TP-Link It is said that it is. However, TP-Link does not recover the old domain name, and acquires two kinds of domain names, "tplinkwifi-net" and "tplinkrepeater.net" newly. For products sold after 2015, the new domain name is used in the URL of the setting page.

ByKenming Wang

Ars Technica, a news site, speculates that "TP-Link ceased to recover its domain name is because the opponent 's requested amount was too expensive." However, in a coping method that only acquires a new domain and changes a manual while leaving the old domain acquired by another person, the old domain name is left for already sold terminals. Furthermore, a link to the old domain name is left on the official site of TP-Link, Dan comments "Internet provider should block old domain name".

How to Use the Local Storage Sharing Feature - Welcome to TP-LINK
http://www.tp-link.us/FAQ-420.html