What is it?

Trivial File Transfer Protocol (TFTP) can operate in very little memory so it is sometimes used by a desktop computer to update the firmware on a router. TFTP uses port 69. TFTP is rarely used for Internet file transfers.

Wikipedia (link below) does a good job of explaining TFTP.

Why is it a risk?

As its name implies, TFTP is a very simple tool for transferring files between two devices on a network.

TFTP does not have built-in encryption, access control or authentication. This makes it very easy for an attacker to trick TFTP into giving access to files.

How can you mitigate the risk?

Ideally, you could disable TFTP entirely but that might make it difficult or impossible for you to update your router firmware.

There are very few use-cases where TFTP traffic should be allowed to or from the Internet to your local area network so mitigating this vulnerability is straight-forward: write firewall rules that disallow in or outbound traffic on port 69.

Resources:

Wikipedia Trvial File Transfer Protocol
https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol

Share →