Topic: Netgear Routers Exhibit Serious Security Flaw...Vendor's 'Hot-fix' Uses Same Vuln

Offline Gingerbread Man

http://fortune.com/2016/12/12/netgear-router-models-critical-vulnerability/

You guys are going to LOVE this one!!


Netgear has yet to fix a critical vulnerability uncovered by a hacker in several of its home Wi-Fi router models.

A security researcher using the online alias “Acew0rm” discovered the flaw, which allows attackers to gain complete control of affected routers with minimal effort. Last week, the researcher released the details of a simple exploit, or code that takes advantage of the vulnerability.

But here is the beautiful part folks...To help ameliorate the vulnerability while the vendor works on new firmware, the vendor suggests using the SAME VULNERABILITY to kill the service that is causing all of the trouble...

Very meta...Where is Leo DiCaprio in all of this, eh?

http://[ROUTER_IP]/cgi-bin/;killall$IFS'httpd'
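
A defender-side check for the request shape quoted in the post above, added here as an example and not part of the thread: it flags `/cgi-bin/` requests whose path carries shell syntax such as `;` or `$IFS` (the shell variable that expands to whitespace, standing in for a space in the URL). The log format, sample lines and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Shell syntax that has no business in a CGI path. $IFS expands to whitespace
# in a POSIX shell, which is how the URL in the post separates "killall" from
# its argument without a literal space.
SHELL_TOKENS = re.compile(r"\$\{?IFS\}?|\$\(|[;|&`]")

# Assumed combined-log style request field: "METHOD /path HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def decode_fully(path, max_rounds=3):
    """Undo repeated percent-encoding so %3B and %253B both become ';'."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def suspicious_cgi_request(log_line):
    """Return the decoded path if the line is a /cgi-bin/ request whose path
    (query string excluded) contains shell syntax, else None."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    raw_path = m.group(1).split("?", 1)[0]  # '&' is normal in a query string
    path = decode_fully(raw_path)
    if not path.lower().startswith("/cgi-bin/"):
        return None
    tail = path[len("/cgi-bin/"):]
    return path if SHELL_TOKENS.search(tail) else None

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [15/Dec/2016:22:01:07 +0000] "GET /cgi-bin/;killall$IFS\'httpd\' HTTP/1.1" 200 0',
    '192.0.2.11 - - [15/Dec/2016:22:01:09 +0000] "GET /cgi-bin/%3Bkillall%24IFS%27httpd%27 HTTP/1.1" 200 0',
    '192.0.2.12 - - [15/Dec/2016:22:02:30 +0000] "GET /cgi-bin/status.cgi?page=1&lang=en HTTP/1.1" 200 512',
    '192.0.2.13 - - [15/Dec/2016:22:03:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

def scan(lines):
    """Return the decoded paths of all flagged requests, in input order."""
    return [hit for hit in map(suspicious_cgi_request, lines) if hit]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("ALERT:", hit)
```

The percent-encoded second sample line decodes to the same path as the first, so both are flagged; the ordinary CGI request with a query string is not.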

Offline ҜVŁΞǤØØŇ

This has been out for a while; one of my boys is the person who found this exploit. I have no idea why they are just finding this out. The same person who found this exploit is the same one who made the Mirai IoT.

Offline c0ldg0ld

This looks like a job for Shodan...
rm -rf /bin/laden

Time is an illusion. Lunchtime doubly so.


Offline c0ldg0ld

10,652 worldwide if you count all three models they mention.  Don't worry I'm sure they are all patched ;)


Edit: Oh bloody hell, I didn't see the big ass list at the bottom...
« Last Edit: December 15, 2016, 10:19:51 PM by c0ldg0ld »

Offline Gingerbread Man

I am already getting into double digits around here  8)

Offline Ov3rd0s3

Seen a while back =P funny how many routers are vulnerable and not just to this simple command injection LOL.
Lost In Space from the split OD on acid.

Offline Gingerbread Man

You are not even kidding there...

With proper effort...MOST SOHO devices exhibit these types of vulnerabilities these days

https://www.sohopelesslybroken.com/

https://www.cnet.com/news/top-wi-fi-routers-easy-to-hack-says-study/

The report, written by research firm Independent Security Evaluators of Baltimore, found that 13 of the most popular off-the-shelf wireless routers could be exploited by a "moderately skilled adversary with LAN or WLAN access." It also concludes that your best bet for safer Wi-Fi depends on router vendors upping their game. All 13 routers evaluated can be taken over from the local network, with four of those requiring no active management session. Eleven of the 13 can be taken over from a Wide-Area Network (WAN) such as a wireless network, with two of those requiring no active management session.

Offline c0ldg0ld

Precisely why I built my own.  I have a PC Engines apu1d4 running pfSense and some Ubiquiti UniFi AC access points.  I'll never go back to an all-in-one device.  Got tired of them dying on me, and I can cover two buildings plus an outdoor AP for any IoT things I have running, checking the animals' water etc.

Ubiquiti EdgeSwitches are pretty slick as well; we have some of the 250W PoE variants running our CCTV network at work and have had good luck.  I'm currently running an 8-port Gig PoE switch from Cisco/Meraki that I got for free from a webinar, but as I grow I'll add a couple of those EdgeSwitches.