Router Vulnerability Puts 12 Million Home and Business Routers at Risk!

More than 12 million routers in homes and businesses around the world are vulnerable to a critical software bug that can be exploited by hackers to remotely monitor users’ traffic and take administrative control over the devices, from a variety of different manufacturers.The critical vulnerability actually resides in web server “RomPager” made by a company known as AllegroSoft, which is typically embedded into the firmware of router , modems and other “gateway devices” from about every leading manufacturer.

The HTTP server provides the web-based user-friendly interface for configuring the products.Researchers at the security software company Check Point have discovered that the RomPager versions prior to 4.34 — software more than 10 years old — are vulnerable to a critical bug, dubbed as Misfortune Cookie. The flaw named as Misfortune Cookie because it allows attackers to control the “fortune” of an HTTP request by manipulating cookies.HOW MISFORTUNE COOKIE FLAW WORKSThe vulnerability, tracked as CVE-2014-9222 in the Common Vulnerabilities and Exposures database, can be exploited by sending a single specifically crafted request to the affected RomPager server that would corrupt the gateway device’s memory, giving the hacker administrative control over it. Using which, the attacker can target any other device on that network.

“Attackers can send specially crafted HTTP cookies [to the gateway] that exploit the vulnerability to corrupt memory and alter the application and system state,” said Shahar Tal, malware and vulnerability research manager with Check Point. “This, in effect, can trick the attacked device to treat the current session with administrative privileges – to the misfortune of the device owner.Once attackers gain the control of the device, they could monitor victims’ web browsing, read plaintext traffic traveling over the device, change sensitive DNS settings, steal account passwords and sensitive data, and monitor or control Webcams, computers, or other network connected devices.

MAJOR ROUTERS & GATEWAY BRANDS VULNERABLEAt least 200 different models of gateway devices, or small office/home office SOHO routers from various manufacturers and brands are vulnerable to Misfortune Cookie, including kit from D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL.

via Router Vulnerability Puts 12 Million Home and Business Routers at Risk – Hacker News.


No Comments so far.

Leave a Reply