IBM has disclosed the details of several vulnerabilities found in powerline extenders made by China-based networking solutions provider Tenda. IBM says Tenda ignored its emails and phone calls, and it’s unclear if any patches are being developed.
Considered an alternative to Wi-Fi extenders, powerline extenders leverage a building’s electrical wiring to boost the range of an internet connection. One powerline network adapter is connected to the router and then plugged into a wall socket. The electrical wiring will carry the signal to a different socket (in an area where a stronger signal is needed), in which the user plugs in a second powerline adapter.
Researchers at IBM’s X-Force Red team have analyzed Tenda PA6 Wi-Fi powerline extenders, which are part of the company’s PH5 Powerline Extender Kit, and identified vulnerabilities that could allow attackers to take complete control of a device.
Malicious actors could exploit the vulnerabilities to add a device to an IoT botnet and abuse it to launch DDoS attacks, move to other devices on the network, or abuse them to mine for cryptocurrency.
One of the vulnerabilities has been described as a command injection issue that can be exploited by an authenticated attacker to take control of a powerline adapter. Another vulnerability allows an authenticated attacker to execute arbitrary code on the device.
IBM says it may be possible to exploit these vulnerabilities remotely from the internet. While exploitation requires authentication, the tech giant’s researchers noticed that the vulnerable devices are only protected by a weak, default password.
A third security hole found by IBM researchers is a denial-of-service (DoS) vulnerability that can be exploited without authentication to cause a device to continuously reboot.
They also noticed that an attacker can easily obtain a device’s firmware image, which includes configuration data and other files.
Based on the CVE identifiers assigned to these vulnerabilities, they were discovered in 2019, but no patches appear to have been released. IBM says it has attempted to report its findings to Tenda, but the vendor ignored its phone calls and emails, which is why it’s unclear if the company is working on releasing patches.
Related: Remote Command Execution Vulnerability Affects Many D-Link Routers
Related: Several Botnets Using Zero-Day Vulnerability to Target Fiber Routers
Related: MikroTik Router Vulnerabilities Can Lead to Backdoor Creation

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- Cisco to Acquire Splunk for $28 Billion
- Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade
- Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis
- Intel Launches New Attestation Service as Part of Trust Authority Portfolio
- Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems
Latest News
- In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking
- China’s Offensive Cyber Operations in Africa Support Soft Power Efforts
- Air Canada Says Employee Information Accessed in Cyberattack
- BIND Updates Patch Two High-Severity DoS Vulnerabilities
- Faster Patching Pace Validates CISA’s KEV Catalog Initiative
- SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
- Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones
- New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware
