So there was a wave of issues with Draytek routes a little while ago, but I've seen nothing about Billion routers. The reason I mention this is because I encountered this issue today (crossposted from the Billion forums):
So I recently had to have the modem take over DHCP duties as my home server is currently offline. It was fine for a few days, but then suddenly sites stopped working (or responded with an invalid certificate). I checked the DNS resolvers on one of my machines and they were wrong, so I check the router and it seems the DNS resolvers set for the DHCP server page had been changed to two malicious ones.
This is incredibly concerning for a few reasons; Remote management was already turned off (and had never been turned on) and the admin password had been changed to something cryptic (which only I have access to).
Is there some sort of remote exploit available for the 8800NL routers? I'm already running the latest version of the firmware (2.32e) so there's no much more I can do here.
So yeah, the question stands; Is there a known exploit for these routers? A google search finds nothing so either it's not widely disclosed yet or something else screwy is going on.
No comments:
Post a Comment