Security News > 2020 > June > IBM Discloses Tenda Powerline Extender Flaws Apparently Ignored by Vendor

IBM Discloses Tenda Powerline Extender Flaws Apparently Ignored by Vendor
2020-06-26 11:44

IBM has disclosed the details of several vulnerabilities found in powerline extenders made by China-based networking solutions provider Tenda.

IBM says Tenda ignored its emails and phone calls, and it's unclear if any patches are being developed.

Researchers at IBM's X-Force Red team have analyzed Tenda PA6 Wi-Fi powerline extenders, which are part of the company's PH5 Powerline Extender Kit, and identified vulnerabilities that could allow attackers to take complete control of a device.

A third security hole found by IBM researchers is a denial-of-service vulnerability that can be exploited without authentication to cause a device to continuously reboot.

IBM says it has attempted to report its findings to Tenda, but the vendor ignored its phone calls and emails, which is why it's unclear if the company is working on releasing patches.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/R7jxCbRkhQ8/ibm-discloses-tenda-powerline-extender-flaws-apparently-ignored-vendor

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
IBM 736 216 2774 1264 248 4502
Tenda 77 0 38 307 496 841