Gizbeat recently posted regarding mobile malware, but this post addresses recent flaws found in routers. Many of them given to customers by their ISPs.

Kyle Lovett, a security analyzer has found a serious flaw in some ADSL routers given to customers by ISPs. The flaw makes them susceptible to remote hack attempts.hacker The models have been distributed around the world. They have been given to customers by ISPs In Colombia, India, Argentina, Thailand, Moldova, Iran, Peru, Chile, Egypt, China and Italy. Some have been found in other countries, including the U.S. purchased from retail outlets or online.

Lovett found that most affected routers are using firmware from the Chinese company Shenzhen Gongjin Electronics, who also does business under the name T&W. They manufacture parts for router vendors such as D-Link, Asus, Alcatel-Lucent, Belkin, ZyXEL and Netgear.

The security hole is called “directory traversal” and is in the firmware as webproc.cgi

At this point, it’s not clear whether Shenzhen Gongjin Electronics is aware of the flaw, or whether a patch has been released. Lovett has notified the manufacturers of the models discovered thus far. He announced his discovery on Wednesday at a security conference in the UK.

The security hole is called “directory traversal” and is in the firmware as webproc.cgi. Hackers can obtain config.xml which contains the config settings, including the admin’s password hashes (easily crackable due to weak encryption algorithms), ISP connection logon name and password, Wi-Fi password, and client and server credentials for the TR-069 remote management protocols which is used by some ISPs.

Lovett discovered the hole when analyzing an ADSL router several months back. He researched the discovery further and found more than the issue affects more than 700,000 routers worldwide.

Models discovered to have the security flaw to date

  • ZTE H108N
  • ZTE H108NV2.1
  • D-Link 2750E
  • D-Link 2730U
  • D-Link 2730E
  • Sitecom WLM-3600
  • Sitecom WLR-6100
  • Sitecom WLR-4100
  • FiberHome HG110
  • Planet ADN-4101
  • Digisol DG-BG4011N
  • Observa Telecom BHS_RTA_R1A

If you own one of the routers mentioned above, Gizbeat strongly advises you to check for a firmware update for your router, and if none is yet available, contact the manufacturer to determine when one will be released. If they are clueless you may want to consider purchasing a new router. Decent name brand routers can now be had for $15-20.

Serious security flaw found in 700,000 routers worldwide http://www.gizbeat.com/wp-content/uploads/hacker.jpghttp://www.gizbeat.com/wp-content/uploads/hacker-150x150.jpg Damian Parsons NoteworthyRecent
Gizbeat recently posted regarding mobile malware, but this post addresses recent flaws found in routers. Many of them given to customers by their ISPs. Kyle Lovett, a security analyzer has found a serious flaw in some ADSL routers given to customers by ISPs. The flaw makes them susceptible to remote...
<a title="Tech Security: Shutdown Malware on Chinese Phones, Lenovo’s Superfish Cure, Hacked SIM Encryption" href="http://www.gizbeat.com/6525/tech-security-shutdown-malware-on-chinese-phones-lenovos-superfish-cure-hacked-sim-encryption/">Gizbeat recently posted regarding mobile malware</a>, but this post addresses recent flaws found in routers. Many of them given to customers by their ISPs. Kyle Lovett, a security analyzer has found a serious flaw in some ADSL routers given to customers by ISPs. The flaw makes them susceptible to remote hack attempts.<span id="more-7091"></span><a href="http://www.gizbeat.com/wp-content/uploads/hacker.jpg"><img class="aligncenter wp-image-7092 size-full" src="http://www.gizbeat.com/wp-content/uploads/hacker.jpg" alt="hacker" width="300" height="212" /></a> The models have been distributed around the world. They have been given to customers by ISPs In Colombia, India, Argentina, Thailand, Moldova, Iran, Peru, Chile, Egypt, China and Italy. Some have been found in other countries, including the U.S. purchased from retail outlets or online. Lovett found that most affected routers are using firmware from the Chinese company Shenzhen Gongjin Electronics, who also does business under the name T&W. They manufacture parts for router vendors such as D-Link, Asus, Alcatel-Lucent, Belkin, ZyXEL and Netgear. <blockquote>The security hole is called "directory traversal" and is in the firmware as webproc.cgi</blockquote> At this point, it's not clear whether Shenzhen Gongjin Electronics is aware of the flaw, or whether a patch has been released. Lovett has notified the manufacturers of the models discovered thus far. He announced his discovery on Wednesday at a security conference in the UK. The security hole is called "directory traversal" and is in the firmware as webproc.cgi. Hackers can obtain config.xml which contains the config settings, including the admin's password hashes (easily crackable due to weak encryption algorithms), ISP connection logon name and password, Wi-Fi password, and client and server credentials for the TR-069 remote management protocols which is used by some ISPs. Lovett discovered the hole when analyzing an ADSL router several months back. He researched the discovery further and found more than the issue affects more than 700,000 routers worldwide. <strong>Models discovered to have the security flaw to date</strong> <ul> <li>ZTE H108N</li> <li>ZTE H108NV2.1</li> <li>D-Link 2750E</li> <li>D-Link 2730U</li> <li>D-Link 2730E</li> <li>Sitecom WLM-3600</li> <li>Sitecom WLR-6100</li> <li>Sitecom WLR-4100</li> <li>FiberHome HG110</li> <li>Planet ADN-4101</li> <li>Digisol DG-BG4011N</li> <li>Observa Telecom BHS_RTA_R1A</li> </ul> If you own one of the routers mentioned above, Gizbeat strongly advises you to check for a firmware update for your router, and if none is yet available, contact the manufacturer to determine when one will be released. If they are clueless you may want to consider purchasing a new router. Decent name brand routers can now be had for $15-20.

Related Posts

Teardown of Doogee Mix shows MT6757CH, not MT6757T

Teardown of Doogee Mix shows MT6757CH, not MT6757T

ISOCELL officially now a brand as opposed to just a technology

ISOCELL officially now a brand as opposed to just a technology

Samsung ready to ship incredible 49 inch gaming monitor

Samsung ready to ship incredible 49 inch gaming monitor

There is a new Qualcomm SoC coming with 14nm architecture. Snapdragon 435 vs Snapdragon 450.

There is a new Qualcomm SoC coming with 14nm architecture. Snapdragon 435 vs Snapdragon 450.

Full 4GB 64GB 6000mAh Oukitel K6000 Plus review

Full 4GB 64GB 6000mAh Oukitel K6000 Plus review

Google AI is now programming itself

Google AI is now programming itself