12 Million Home Routers Vulnerable to Takeover

  • 18 December 2014
  • 1 reply
  • 252 views

Userlevel 7
Badge +54
by Michael Mimoso December 18, 2014
 
More than 12 million devices running an embedded webserver called RomPager are vulnerable to a simple attack that could give a hacker man-in-the-middle position on traffic going to and from home routers from just about every leading manufacturer.
 
Mostly ISP-owned residential gateways manufactured by D-Link, Huawei, TP-Link, ZTE, Zyxel and several others are currently exposed. Researchers at Check Point Software Technologies reported the flaw they’ve called Misfortune Cookie, to all of the affected vendors and manufacturers, and most have responded that they will push new firmware and patches in short order.
 
Full Article

1 reply

Userlevel 7
By John P. Mello Jr.
12/29/14 12:09 PM PT

 
A number of things make IoT devices ripe for hacking. They're not monitored as a phone or computer would be, and they may reside in out-of-the-way locations. In the case of the "Misfortune Cookie" flaw recently found in the code of a commonly used embedded Web server, RomPager, fixes have been available since 2005, but 98 percent of the devices using it haven't been updated.
 
 
Check Point Software Technologies recently revealed a flaw in millions of routers that allows the devices to be controlled by hackers.
The company's Malware and Vulnerability Group detected 12 million Internet-connected devices that have the flaw.
The vulnerability, which Check Point dubbed "Misfortune Cookie," can be found in the code of a commonly used embedded Web server, RomPager from AllegroSoft. A system attacker can exploit it to take control of a router and use it to steal data from both wired and wireless devices connected to a network.
Fixes for the flaw have been available since 2005, but 98 percent of the devices using RomPager haven't been updated and still contain the vulnerable version of the software.
 
full article

Reply