• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Cookie Policy (US)
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Hundreds of thousands of ADSL routers open to attacks

Updated on Mar 23, 2015 by Guest Authors

Hackers could gain access to sensitive configuration data such as administrative credentials through a directory traversal flaw in at least 700,000 ADSL routers which have been distributed worldwide.

Kyle Lovett, a security researcher, discovered the webproc.cgi firmware flaw that lets attackers take over your routers provided by your Internet service provider. Although the vulnerability is not new, it has remained unpatched, leaving users susceptible to hackers.

The vulnerable devices include such device models from D-Link, Sitecom, WLR, FiberHome, Planet ADN, Digisol, Observa Telecom and ZTE. So if you own any of these routers, you are most certainly at risk. There are hundreds of thousands of other models that are vulnerable to this flaw. By country, users affected come from the U.S., Colombia, Moldova, Iran, Peru, Chile, Egypt, China, Italy, India, Argentina, and Thailand.

adsl-router

Using the directory traversal vulnerability, hackers will be able to extract sensitive files, who also contain the configuration settings of the routers, meaning that attackers will have full control of your device once they break into it. In addition to the configuration settings, the files involved also store password hashes, ISP connection usernames and passwords, the password for the configured wireless network and client and server credentials for remote management protocol.

It was found that the password hashes, because weak, are easy to crack, enabling hackers to log in to the routers as administrators and alter the device’s settings, including the DNS. Now this is a crucial setting, because once a DNS is compromised, the users will be redirected to a fake server even as they try to access legit websites.

But these vulnerabilities are not the only flaws that came out following a security investigation. Lovett found that a great majority of those routers contain support account that has hard-coded password which the researcher claims is easy to guess. And this password is in common use among the owners of the support account. This vulnerability is present even in routers that do not even have the directory traversal flaw.

Also, the active memory of the routers are remotely exposed to hackers, meaning the attackers have full view of the memory dump that contains data about the Internet traffic that passes through those devices. As a result, hackers could also gain access to several website credentials in plain text.

Based on the IP addresses discovered in recent attempts to exploit the routers, Lovett claims the attackers are coming from China. Aside from the remotely controlling the routers, attackers can also launch the attack from within local networks through a malware or cross-site request forgery technique.

Disclosure: We might earn commission from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

TORRAS COOLIFY 2S Neck Air Conditioner Review – A Revolution in Personal Comfort

FLIR ONE Pro Review – A Must-Have Thermal Camera for Homeowners

OAK & IRON Wave Electric Outdoor Inflator Review

Carepod One MS031S2 Cool Mist Humidifier Review – The Sleek and Effective Solution for Dry Air

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • The Downsides of Using a Monitor Light Bar
  • TORRAS COOLIFY 2S Neck Air Conditioner Review – A Revolution in Personal Comfort
  • Celebrate Mother’s Day with BLUETTI’s Portable Power Solutions
  • Best Oral-B Alternative: Bitvae R2 Electric Toothbrush Review

Copyright © 2023 · All Rights Reserved

Manage Cookie Consent
We use technologies like cookies to store and/or access device information. We do this to improve browsing experience and to show personalized ads. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional cookies Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}