An Interest In:
Web News this Week
- March 31, 2024
- March 30, 2024
- March 29, 2024
- March 28, 2024
- March 27, 2024
- March 26, 2024
- March 25, 2024
Some of Our Sources
- Engadget
- Web Designer Wall
- Joshua Blankenship
- Spoon Graphics
- You The Designer
- Creative Curio
- Inspiredology
- Android Dissected
- Codrops
- Daily Now
Help Webnuz
Referal links:
December 5, 2021 04:34 am
Original Link: https://mobile.slashdot.org/story/21/12/05/049252/nine-wifi-routers-used-by-millions-were-vulnerable-to-226-flaws?utm_source=rss1.0mainlinkanon&utm_me
Nine WiFi Routers Used by Millions Were Vulnerable to 226 Flaws
"Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them," reports Bleeping Computer, "even when running the latest firmware."Slashdot reader joshuark shared their report:The tested routers are made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys, and are used by millions of people... Researchers at IoT Inspector carried out the security tests in collaboration with CHIP magazine, focusing on models used mainly by small firms and home users. "For Chip's router evaluation, vendors provided them with current models, which were upgraded to the latest firmware version," Florian Lukavsky, CTO & Founder at IoT Inspector, told BleepingComputer via email. "The firmware versions were automatically analyzed by IoT Inspector and checked for more than 5,000 CVEs and other security issues...." While not all flaws carried the same risk, the team found some common problems that affected most of the tested models: - Outdated Linux kernel in the firmware- Outdated multimedia and VPN functions- Over-reliance on older versions of BusyBox- Use of weak default passwords like "admin"- Presence of hardcoded credentials in plain text form.... All of the affected manufacturers responded to the researchers' findings and released firmware patches. The researchers demonstrated one exploit they found on one of the routers that extracted the AES key used for the firmware encryption, letting malicious firmware image updates pass verification checks on the device — and thus potentially planting malware on the router. jd (Slashdot reader #1,658) shares another perspective on the same study from Security Week:Not all of the identified weaknesses are considered real security flaws, and for some bugs it is unclear whether exploitation is even possible. However, many of the identified vulnerabilities (ranging from 2 in AVM devices to nearly a dozen in other routers) were classified as high- and medium-severity.Read more of this story at Slashdot.
Original Link: https://mobile.slashdot.org/story/21/12/05/049252/nine-wifi-routers-used-by-millions-were-vulnerable-to-226-flaws?utm_source=rss1.0mainlinkanon&utm_me
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot