At Least 700,000 Routers Given To Customers By ISPs Are Vulnerable To Hacking

itwbennett writes: More than 700,000 ADSL routers provided to customers by ISPs around the world contain serious flaws that allow remote hackers to take control of them. Most of the routers have a 'directory traversal' flaw in a firmware component called webproc.cgi that allows hackers to extract sensitive configuration data, including administrative credentials. The flaw isn't new and has been reported by multiple researchers since 2011 in various router models.

Ive developed a workaround for many models.

[nimbius]

This is a preliminary workaround so im sure many of you will find bugs, but heres what im using:
1. unbox the router from your ISP. Many will come with an extra CAT 5 cord. Set this aside.
2. position the router (and wireless antennas should it come with wireless) directly above your garbage can
3. releasing the device will cause it to fall at 9.81m/s^2 directly into the bin (NOTE: this DOES NOT WORK or may respond slowly in areas without earth mode gravity...double check first.)
4. Wind the cat 5 cord in a pretty loop and hang it up with the rest of them.
5. continue instructions at: https://openwrt.org./

Re:Run your own equipment

[RabidReindeer]

Well, if EVERYONE decides they'll mooch off their neightbor, it's Communism!

And if no one actually HAS WiFi to mooch off of, that's Soviet-style Communism.

Re:Service backdoors

[cliffjumper222]

> no one ever seems 2015-03-20o question it or assess the risks vs reward for such a design philosophy.

This date brought to you by the backdoor to the letter "t"!