HackDig : Dig high-quality web security articles for hacker

Asus wireless router flaw opens network to local attackers

2015-01-09 19:30
A researcher has discovered a security hole in the firmware of several wireless Asus router models which could be exploited by an attacker to gain complete control of the network and use it to mount other attacks from this vantage point.

Luckily, the vulnerability (CVE-2014-9583) can't be exploited by remote attackers - they have to be on the network. Nevertheless, it presents a serious problem for those who run public access Wi-Fi networks or those who don't trust the people who are allowed to connect to their private one.

"Several models of ASUS's routers include a service called infosvr that listens on UDP broadcast port 9999 on the LAN interface. It's used by one of Asus's tools to ease router configuration by automatically locating routers on the local subnet. This service runs with root privileges and contains an unauthenticated command execution vulnerability," explained researcher Joshua Drake.

"Currently, all known firmware versions for applicable routers (RT-AC66U, RT-N66U, etc.) are assumed vulnerable."

He shared a working exploit for the flaw, but also linked to a few workarounds that can help users protect themselves until a firmware update plugging the hole is made available. One of them is to disable the infosvr service after each device reboot.

While waiting for Asus to react, users can also try out the latest version (v.376.49_5) of Asuswrt-Merlin, a custom firmware for Asus routers, in which the issue in question has already been fixed.
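
Because the workaround has to be reapplied after every reboot, it is worth checking that nothing is bound to UDP port 9999 afterwards. The script below is an added example, not code from the researcher or from Asus; it assumes the router's shell offers `netstat -nlup` with the usual column layout, and the sample output in it is constructed.

```shell
#!/bin/sh
# Added example: confirm that nothing is bound to infosvr's UDP port.
# Assumption: `netstat -nlup` prints the usual net-tools/BusyBox columns:
#   Proto Recv-Q Send-Q Local-Address Foreign-Address [State] PID/Program

INFOSVR_PORT=9999   # UDP port named in the advisory quoted above

# Read netstat output on stdin; print "local_address owner" for every UDP
# socket bound to INFOSVR_PORT. The owner is netstat's last column
# ("PID/name", or "-" when the process could not be resolved).
udp_listeners_on_port() {
    awk -v port="$INFOSVR_PORT" '
        $1 ~ /^udp/ {
            n = split($4, parts, ":")   # works for 0.0.0.0:9999 and :::9999
            if (parts[n] == port) print $4, $NF
        }'
}

# Exit status 0 when the port is free (workaround held), 1 when it is bound.
workaround_in_place() {
    hits=$(udp_listeners_on_port)
    if [ -n "$hits" ]; then
        echo "EXPOSED: UDP $INFOSVR_PORT is bound: $hits"
        return 1
    fi
    echo "OK: nothing bound to UDP $INFOSVR_PORT"
}

# Constructed sample output (not captured from a real device).
SAMPLE_BEFORE='Proto Recv-Q Send-Q Local Address   Foreign Address   State    PID/Program name
tcp        0      0 0.0.0.0:80      0.0.0.0:*         LISTEN   301/httpd
udp        0      0 0.0.0.0:53      0.0.0.0:*                  290/dnsmasq
udp        0      0 0.0.0.0:9999    0.0.0.0:*                  312/infosvr'
SAMPLE_AFTER='Proto Recv-Q Send-Q Local Address   Foreign Address   State    PID/Program name
tcp        0      0 0.0.0.0:80      0.0.0.0:*         LISTEN   301/httpd
udp        0      0 0.0.0.0:53      0.0.0.0:*                  290/dnsmasq'

# Demo on the samples; on the router: netstat -nlup | workaround_in_place
printf '%s\n' "$SAMPLE_BEFORE" | workaround_in_place || true
printf '%s\n' "$SAMPLE_AFTER" | workaround_in_place
```

A non-zero exit status after a reboot means the service is listening again and the workaround needs to be reapplied.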





Source: php.dlrowces/se-Ep0NSdoL/3~/ytiruceSteNpleH/r~/moc.elgoog.yxorpdeef
