Search This Blog

Showing posts with label Router vulnerability. Show all posts

Cisco devices has critical vulnerabilities

Security researchers have found many serious vulnerabilities inside dozens of Cisco devices.

A cybersecurity company Red Baron claims that the Cisco 1001-X comes with two major flaws. One is a software flaw inside Cisco’s router’s operating system, which would allow hackers root access. The second flaw is much more dangerous as it allows potential malicious actors to bypass the router’s security feature, Trust Anchor. 

The second flaw “means we can make arbitrary changes to a Cisco router, and the Trust Anchor will still report that the device is trustworthy. Which is scary and bad, because this is in every important Cisco product. Everything,” Ang Cui, the founder, and CEO of Red Balloon explained.

In the meantime, the firm released a fix for the first flaw, but are still working on the second one. “The Trust Anchor module is not directly involved in the work demonstrated by Red Balloon,” a spokesperson told Wired.

It is believed that the vulnerability could become serious if not handled carefully and on time. 

Vulnerability in Realtek SDK leaves D-Link and TRENDnet routers vulnerable to Hackers

D-Link and TRENDnet's routers are vulnerable to remote code execution attacks due to a flaw in a component of the Realtek, Software Development Kit (SDK).

A content developer at HP Enterprise Security discovered the flaw.

Ricky Lawshae first informed about the flaw to HP’s Zero-Day Initiative (ZDI) in August 2014. Then in October, he reported for the last time about his findings to them.

However, the Realtek did not come up with a plan to solve the problem. As a result, the routers flaw has been disclosed.

The vulnerability (CVE-2014-8361) allows a remote, unauthenticated attacker to execute arbitrary code on affected systems with root privileges. ZDI has assigned the vulnerability a CVSS score of 10.

The security hole affects the Realtek SDK used for RTL81xx chipsets.

Although, the flaw on D-Link and TRENDnet routers has been discovered, it is not clear that how many small office and home (SOHO) routers are affected.

The researcher however said that those devices using the minigd binary from the Realtek SDK are likely to be vulnerable.

“Given the stated purpose of Realtek SDK, and the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the service to trusted machines,” ZDI officials wrote in an advisory published on Friday.

“Only the clients and servers that have a legitimate procedural relationship with products using Realtek SDK service should be permitted to communicate with it.”

Realtek still has not commented on the findings.

D-Link has released firmware updates that addresses the security vulnerabilities in affected D-Link devices.

It is said that the flaw, which was found on those wireless routers, are not unique or rare.

Earlier, researchers reported about the several vulnerabilities related to the ncc/ncc2 service used by devices from the vendors. Both D-Link and Trendnet released firmware updates to address the issues.

Last month, a researcher complained that D-Link had failed to properly patch those vulnerabilities related to the Home Network Administration Protocol (HNAP).

Cisco Small Business Routers can be remotely hacked

A security flaw in the Cisco wireless VPN router and cisco wireless VPN firewall allows an attacker to gain remote access to the admin panel of the web management interface of the affected device.

According to the security advisory, the vulnerability is due to the improper handling of authentication requests by web framework.

"An attacker could exploit this vulnerability by intercepting, modifying and resubmitting an authentication request. " the security advisory reads.

Common Vulnerability Scoring System (CVSS) rated this vulnerability as highly critical vulnerability - base score is 10.

Cisco has issued a software update for all of the affected devices which will address this vulnerability.  There are currently no known workarounds that mitigate this vulnerability.

Cisco says the vulnerability is not being publicly exploited by any attackers.  It was reported by a security researcher Gustavo Javier Speranza.