Backdoor Found In Tenda Router Firmware

Researchers reported last week that there's a backdoor in Chinese-made Tenda routers.

Reported on /dev/ttyS0 an embedded device hacking blog site, the firmware used by Tenda’s W302R wireless router uses the GoAhead webserver. The post, written by Craig, goes on to say "this backdoor was likely first implemented in Tenda’s W302R router, although it also exists in the Tenda W330R, as well as re-branded models, such as the Medialink MWN-WAPR150N. They all use the same “w302r_mfg” magic packet string." While it appears to be a manufacturing link, perhaps left on during production, it is nonetheless a backdoor.

More details on this GitHub post.