• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Write for Us
  • Contact
  • Advertise
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Hundreds of thousands of ADSL routers open to attacks

Updated on Mar 23, 2015 by Guest Authors

Hackers could gain access to sensitive configuration data such as administrative credentials through a directory traversal flaw in at least 700,000 ADSL routers which have been distributed worldwide.

Kyle Lovett, a security researcher, discovered the webproc.cgi firmware flaw that lets attackers take over your routers provided by your Internet service provider. Although the vulnerability is not new, it has remained unpatched, leaving users susceptible to hackers.

The vulnerable devices include such device models from D-Link, Sitecom, WLR, FiberHome, Planet ADN, Digisol, Observa Telecom and ZTE. So if you own any of these routers, you are most certainly at risk. There are hundreds of thousands of other models that are vulnerable to this flaw. By country, users affected come from the U.S., Colombia, Moldova, Iran, Peru, Chile, Egypt, China, Italy, India, Argentina, and Thailand.

adsl-router

Using the directory traversal vulnerability, hackers will be able to extract sensitive files, who also contain the configuration settings of the routers, meaning that attackers will have full control of your device once they break into it. In addition to the configuration settings, the files involved also store password hashes, ISP connection usernames and passwords, the password for the configured wireless network and client and server credentials for remote management protocol.

It was found that the password hashes, because weak, are easy to crack, enabling hackers to log in to the routers as administrators and alter the device’s settings, including the DNS. Now this is a crucial setting, because once a DNS is compromised, the users will be redirected to a fake server even as they try to access legit websites.

But these vulnerabilities are not the only flaws that came out following a security investigation. Lovett found that a great majority of those routers contain support account that has hard-coded password which the researcher claims is easy to guess. And this password is in common use among the owners of the support account. This vulnerability is present even in routers that do not even have the directory traversal flaw.

Also, the active memory of the routers are remotely exposed to hackers, meaning the attackers have full view of the memory dump that contains data about the Internet traffic that passes through those devices. As a result, hackers could also gain access to several website credentials in plain text.

Based on the IP addresses discovered in recent attempts to exploit the routers, Lovett claims the attackers are coming from China. Aside from the remotely controlling the routers, attackers can also launch the attack from within local networks through a malware or cross-site request forgery technique.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

Keychron K4 Wireless Mechanical Keyboard Review – The Biggest & The Best?

Keychron K6 Wireless Mechanical Keyboard Review – Nice Balance Between Design and Function

AuthenTrend AT.Wallet Fingerprint Cryptocurrency Wallet Review – The Coolest One You Can Buy

Yeedi K650 Robot Vacuum Review – A Good Basic Vacuum

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Samsung Galaxy S21 Ultra Model Number SM-G998* Differences
  • Samsung Galaxy S21+ 5G Model Number SM-G996* Differences
  • Samsung Galaxy S21 5G Model Number SM-G991* Differences
  • How to Read and Write to NTFS Drives on Apple M1 Mac?

Copyright © 2021 · All Rights Reserved