DirecTV Wireless Kit has an Unpatched Vulnerability

DooKey

[H]F Junkie
Joined
Apr 25, 2001
Messages
13,500
Security researcher, Ricky Lawshae, has discovered a nasty vulnerability in the Linksys wireless video bridge provided with DirecTv's Genie server. This vulnerability allows a user to gain root access on the device and then install malware or backdoors without detection. You would think something like this would be patched immediately, but AT&T was notified of this over 6 months ago and still hasn't addressed this with any kind of patch. Not too cool AT&T/Linksys.

"However, after a while we heard nothing back so decided to go public. We want disclosure to drive action and the flaw can easily be exploited for a botnet covering a not-insignificant number of devices – it has the potential to be very nasty."
 
So someone with access to the home network, say via an infected PC, would be able to leverage this vulnerability to install malware...

So pretty much a non issue. If someone already has a compromised PC running scripts on other devices, it’s going to be the main problem.
 
So pretty much a non issue. If someone already has a compromised PC running scripts on other devices, it’s going to be the main problem.


Adding millions of new nodes to a botnet is no laughing matter
 
Do people use their DirecTV wireless for their computers? What possible reason would anyone have to do that? My regular dual-band WiFi is totally separate from the 5Ghz DirecTV WiFi that is just used for the TV boxes in other rooms. Even if someone compromised my DirecTV wifi, aside from fucking up my TV service, what else could they even do?
 
The door to my closet in the hallway doesn't have a lock. If someone was to break into my home through my locked front and back doors and windows, they would be able to open the closet with no problems.
 
I don't think the botnet is the real issue here. There are probably cheaper/easier/faster ways of expanding a botnet.

If the Wifi network created is easy to hack, that probably gives access to the WAN side of the Directv box, and probably the home network.

So I could see this being a focused target for wealthy individuals or corporate crime. Just one more attack vector.
 
Back
Top