Routers Vulnerable to attack
It is disturbing to observe that a majority of popular router models are vulnerable to exploits and are quick to spot by hackers within a network. Among these popular router brands are Sitecom, Netgear, Linksys, D-Link, Belkin, and TP-Link. A security firm went out to verify and test just how vulnerable models of these routers are and while doing so, it was able to locate more than 10,000 vulnerable routers in its initial testing.
In Italy, the popular Sitecom WLM-3500 router model was found to have back door vulnerabilities that enabled attackers to gain administrative access and modify router configurations. Although there are firmware updates that nullify these backdoor vulnerabilities, many of the routers have yet to be updated by their network administrators.
One security analyst also discovered
Vulnerable configuration file of Netgear router.
WNR1000 which was hidden as a picture file could be accessed and decrypted by attackers using a decoder made with the script language Python.
Other researchers have found 13 router models which had similar vulnerabilities. Many of these vulnerabilities are open to attack from the internet and some even do not require any form of authentication. So far, researchers are studying around two dozen possible vulnerabilities which include bypassing the router authentication, cross-site request forgery, and cross-site scripting. There are already 17 confirmed holes with assigned CVEs. At this time, more information regarding the vulnerabilities has not been disclosed to help protect router owners.
Many network administrators, network operators, and router owners are advised to change their default usernames and passwords, configure the router’s internet interface so that it is switched to disabled, and that the router’s IP address be changed from its default setting. This will make attacks more difficult and make routers less of a target. Network administrators and operators should also remember to log off their routers after accessing them using an internet browser or other available internet interfaces. Periodic checking with the router manufacturer is also advised so router owners remain up to date regarding any firmware updates or setup changes that their router model needs. Update to the latest firmware for your router if possible and this will reduce your risk of being exploited by unknown attackers.
As researchers continue to find and test for vulnerabilities in many router models, router owners are encouraged to attend to and configure their boxes whether the discovered vulnerabilities are being exploited or not. Configuring it now will reduce the risks of attack. It is better to be safe than sorry.
Powerful UTM Firewall, Vulnerability Scanner, WiFi Penetration Testing software
SecPoint is specialized to deliver the best IT security solutions and products.