{"id":1641,"date":"2013-04-16T10:00:58","date_gmt":"2013-04-16T14:00:58","guid":{"rendered":"http:\/\/me-en.kaspersky.com\/blog\/?p=1641"},"modified":"2020-02-26T18:56:33","modified_gmt":"2020-02-26T14:56:33","slug":"wifi-router-hacking-protection","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/wifi-router-hacking-protection\/1641\/","title":{"rendered":"Popular Routers Vulnerable to Attack; Fix is Ready, But Must Be Manually Installed"},"content":{"rendered":"

Confusion ensued last week after a well-known security researcher identified a number of incredibly troubling security vulnerabilities in a popular Linksys router<\/a> developed by Cisco Systems. The networking giant almost immediately downplayed the issues, claiming that the vulnerabilities had been resolved with a months-old security update<\/a>.<\/p>\n

\"wifi\"<\/a><\/p>\n

The researcher, Phil Purviance of the application security consulting firm AppSec Consulting, claimed that the Cisco Linksys EA2700 Network Manager N6000 Wireless-N routers, which are widely deployed on home and small-business networks, were riddled with vulnerabilities. The bugs, he said, could give remote attackers the ability to access the device itself, its passwords and configuration files, and ultimately change its settings and upload modified and potentially malicious firmware onto the routers. If an attacker happens to be on the same network as the vulnerable router, he or she could change passwords and take control of the networking device.<\/p>\n

There are a variety of exploits, ranging from fairly simple to quite complicated, that take advantage of the vulnerabilities and can be deployed to compromise the affected routers, according to Purviance. One of the simpler exploit methods involved the attacker luring a user on an affected network to an infected, exploit-hosting website. Another would require the attacker to paste a special character into the address bar while attempting to access the router\u2019s administrative interface. While the first exploit would let an attacker change a vulnerable device\u2019s password to the default password, which is \u2018password,\u2019 the second exploit was far more dangerous, exposing the device\u2019s proprietary source code. In other words, it would grant an attacker access to the code that secures and makes the router work. For lack of a better way to put it, this code plus some wiring and a plastic casing is the router.<\/p>\n

There are a variety of exploits, ranging from fairly simple to quite complicated, that take advantage of the vulnerabilities and can be deployed to compromise the affected routers.<\/div>\n

\u201cWhat I found was so terrible, awful, and completely inexcusable,\u201d Purviance wrote on his blog<\/a>. \u201cIt only took 30 minutes to come to the conclusion that any network with an EA2700 router on it is an\u00a0insecure\u00a0network.\u201d<\/p>\n

He went on:<\/p>\n

\u201cThis vulnerability tells me that this router\u2019s software was never given a security pen-test because it is just too easy.\u201d<\/p>\n

Tech firms that manufacture consumer and other devices are expected to perform penetration tests looking for vulnerabilities in their products to make sure that they cannot be easily and immediately exploited by attackers.<\/p>\n

For its part, Cisco was quick to clarify that these vulnerabilities were resolved with an update released in June 2012, and that anyone who purchased or installed an EA2700 router on their network after that date was immune to these flaws.<\/p>\n

So what\u2019s the big deal? The vulnerabilities have been patched and the devices have been updated. Open and shut case, right?<\/p>\n

Not so fast, as Tod Beardsley, an engineering manager at Rapid7 points out, implementing a router-firmware update to correct a vulnerability is not as easy (or automated) as installing normal software or computer updates, which you should be installing on the regular, despite the problems presented by Microsoft\u2019s latest patch.<\/a><\/p>\n

\u201cThe major difference between these vulnerabilities and the more traditional PC-based vulnerabilities (such as Java and Windows vulnerabilities) is that the existence of vendor patches doesn\u2019t really matter,\u201d said Beardsley. \u201cEven if vendors release patched firmware for these devices, the vast majority of users will never learn about them. There aren\u2019t automatic update functions on any of these devices, and there is nothing like anti-virus software<\/a> that can run on these low-memory, low-power devices. As a result, these kinds of bugs are extremely long-lived.\u201d<\/p>\n

\u201cIn addition, if an attacker is able to get control of a device, that attacker has effective control over all the devices that associate with it. He can poison DNS, he can reflect traffic to a malicious site, he can inject phishing links in HTTP sessions, he can disable firewall rules \u2013 the number of attack vectors is limited only by imagination,\u201d Beardsley said. \u201cThis extends not only to the computers on the internal network, but also phones that associate to the wireless.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Confusion ensued last week after a well-known security researcher identified a number of incredibly troubling security vulnerabilities in a popular Linksys router developed by Cisco Systems. The networking giant almost<\/p>\n","protected":false},"author":42,"featured_media":1643,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[82,383,84],"class_list":{"0":"post-1641","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-hacking","9":"tag-router","10":"tag-wifi"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/wifi-router-hacking-protection\/1641\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/wifi-router-hacking-protection\/1641\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/wifi-router-hacking-protection\/1641\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/wifi-router-hacking-protection\/1641\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/wifi-router-hacking-protection\/1641\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/wifi-router-hacking-protection\/685\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/wifi-router-hacking-protection\/1641\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/wifi-router-hacking-protection\/1641\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/hacking\/","name":"hacking"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/1641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/42"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=1641"}],"version-history":[{"count":1,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/1641\/revisions"}],"predecessor-version":[{"id":15509,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/1641\/revisions\/15509"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/1643"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=1641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=1641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=1641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}