logoalt Hacker News

greyface-today at 3:02 AM3 repliesview on HN

The article doesn't disclose the value of "sys.rzadmin.password", but this writeup from 2022 does:

https://boschko.ca/tenda_ac1200_router/

Spoiler: it's "rzadmin". And it looks like there are a bunch of other goodies in the firmware, too.


Replies

BloondAndDoomtoday at 7:39 AM

At that point it’s not even a back door it’s just stupid default root password kind of design which used to be standard in this kind of hardware. Backdoor would at least try to be subtle :)

thibaut_barreretoday at 5:25 AM

That backdoor is so up front about it. We might as well call it a frontdoor.

lemageduragetoday at 4:02 AM

Sounds like a convenience feature for a dev that they forgot to remove before distribution, since it's this poorly hidden.

show 1 reply