The saga of Netgear’s incompetence continues with this report of a bug that allows hackers to gain admin credentials and access. While news of an exploit is never good, it is a lot worse when it concerns Netgear’s hardware, as the company has demonstrated that it prefers a slower approach when it comes to fixing their mistakes. Luckily, this particular bug has “already” been patched, as the researcher bugged the company for nine months about it. I am almost positive that there is still no official firmware update for their last reported fumble, however. How many of you guys have jumped ship from consumer routers?
The flaws, designated CVE-2017-5521 and TWSL2017-003, were discovered by researcher Simon Kenin of Trustwave, who found that by triggering an error message, the router can be tricked into handing over a numerical code that can then be used with the password recovery tool to retrieve the router's administrator credentials. Further research led Kenin to discover that in many cases, the numerical code is not even necessary, and that random strings sent directly to the password recovery script would still cause the login information to be displayed. In short, anyone who can pull up the router administrator screen, be it over the web or local Wi-Fi network, can obtain the admin password and gain complete control over the router itself. "We have found more than ten thousand vulnerable devices that are remotely accessible," said Kenin. "The real number of affected devices is probably in the hundreds of thousands, if not over a million."