If you have a Linksys or Netgear router, or some other brands that I will get to in a moment, you need to pay attention to this story. A hacker has found a backdoor in the Linksys WAG200G router, that gives access to the admin panel without authentication:
The backdoor requires that the attacker be on the local network, so this isn’t something that could be used to remotely attack DSL users. However, it could be used to commandeer a wireless access point and allow an attacker to get unfettered access to local network resources.
Eloi Vanderbeken described the backdoor in a PowerPoint posted with the code to Github. In his illustrated report, he explained how over the Christmas holiday he was trying to get access to the administrative console of his family’s Linksys WAG200G wireless DSL gateway wirelessly—mostly so he could limit how much bandwidth the others in the house were using. But Vanderbeken had previously turned off wireless access to the administration web console (and had forgotten his administrative password).
You can read the rest of the post to see exactly how he did it. But what is scary is that the router in question was made by a company named Sercomm. That means that Cisco, Watchguard, Belkin and various others maybe affected by this as well:
Soon, confirmations that the backdoor worked with other models of Linksys and Netgear wireless DSL modems came flooding in. A commenter on Hacker News noted that the backdoor might effect wireless routers with DSL modems from SerComm, which manufactured many of Linksys’ older DSL modems. A list of SerComm devices from various vendors matches up with the router-modems reported as vulnerable thus far.
If you have one of these devices, it’s important to note that you cannot be hacked from outside the network unless some extraordinary are taken to do so. But someone who is connected to your network can leverage this easily. There’s been no comment from the companies who sell routers that have this problem. But you can fully expect them to say something as this story gets out.
Like this:
Like Loading...
Related
This entry was posted on January 3, 2014 at 11:10 am and is filed under Commentary with tags Hacked, Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Backdoor Discovered In Some Linksys & Netgear Routers
If you have a Linksys or Netgear router, or some other brands that I will get to in a moment, you need to pay attention to this story. A hacker has found a backdoor in the Linksys WAG200G router, that gives access to the admin panel without authentication:
The backdoor requires that the attacker be on the local network, so this isn’t something that could be used to remotely attack DSL users. However, it could be used to commandeer a wireless access point and allow an attacker to get unfettered access to local network resources.
Eloi Vanderbeken described the backdoor in a PowerPoint posted with the code to Github. In his illustrated report, he explained how over the Christmas holiday he was trying to get access to the administrative console of his family’s Linksys WAG200G wireless DSL gateway wirelessly—mostly so he could limit how much bandwidth the others in the house were using. But Vanderbeken had previously turned off wireless access to the administration web console (and had forgotten his administrative password).
You can read the rest of the post to see exactly how he did it. But what is scary is that the router in question was made by a company named Sercomm. That means that Cisco, Watchguard, Belkin and various others maybe affected by this as well:
Soon, confirmations that the backdoor worked with other models of Linksys and Netgear wireless DSL modems came flooding in. A commenter on Hacker News noted that the backdoor might effect wireless routers with DSL modems from SerComm, which manufactured many of Linksys’ older DSL modems. A list of SerComm devices from various vendors matches up with the router-modems reported as vulnerable thus far.
If you have one of these devices, it’s important to note that you cannot be hacked from outside the network unless some extraordinary are taken to do so. But someone who is connected to your network can leverage this easily. There’s been no comment from the companies who sell routers that have this problem. But you can fully expect them to say something as this story gets out.
Share this:
Like this:
Related
This entry was posted on January 3, 2014 at 11:10 am and is filed under Commentary with tags Hacked, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.