AdaptiveMobile Security's mobile cybersecurity experts have announced a new method of hacking cell phones using…
Experts write that the vulnerability is associated with a component of the web server that is part of Netgear firmware. This web server is used to operate the built-in administration panel.
“The server does not correctly validate user input, does not use canary’s cookies to protect memory, and the server binary is not compiled as Position-independent Executable (PIE), that is, ASLR protection is not applied”, — says Adam Nichols.
All this allows an attacker to send malicious HTTP requests to a vulnerable device, which can be used to seize control of a router.
The PoC exploit has already been published on GitHub, and Nichols notes that in the end he “managed to launch the telnet daemon [router] with root privileges on TCP port 8888 and no password was required.”
At the beginning of this year, both researchers reported about vulnerabilities to Netgear representatives.
However, due to the danger of problem and the large amount of work required to create and test patches, the manufacturer asked the experts to temporarily hold the information about the bug and requested more time. As a result, the postponement expired this week, the corrections were not released, and the experts decided to publish the data on the problem.
Work on patches is still underway, but the exact timing of their release has not yet been announced. In addition, it is expected that not all routers will receive patches at all, as some of them are no longer supported.
I also recall that a year ago, Cisco Talos experts also warned about dangerous vulnerabilities in NETGEAR routers.
“Routers and modems often form an important security border that prevents attackers from directly exploiting the computers in a network. However, poor code quality and a lack of adequate testing has resulted in thousands of vulnerable SOHO devices being exposed to the internet for over a decade”, — concludes Adam Nichols.
A list of vulnerable firmware versions for all affected router models can be found here.
Let me also remind you that manufacturers of D-Link routers can’t close the bugs that IS discovered IS experts.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…