Slashdot Mirror


At Least 700,000 Routers Given To Customers By ISPs Are Vulnerable To Hacking

itwbennett writes: More than 700,000 ADSL routers provided to customers by ISPs around the world contain serious flaws that allow remote hackers to take control of them. Most of the routers have a 'directory traversal' flaw in a firmware component called webproc.cgi that allows hackers to extract sensitive configuration data, including administrative credentials. The flaw isn't new and has been reported by multiple researchers since 2011 in various router models.


  1. Run your own equipment by chuckinator · Score: 5, Informative

    I've always run my own hardware for years for a reason: it gives me a buffer beyond which I know the ISP no longer has control of my home network. 2x OpenWRT routers, a managed switch in the middle, and a lightweight embedded PC running the essential network services (dhcp, dns, ntp, etc), and the IT management overhead is fairly low.

    1. Re:Run your own equipment by Njorthbiatr · Score: 3, Informative

      Me too, since the only reason they want you to use their router in the first place is to price gouge with rental fees.

    2. Re:Run your own equipment by Anonymous Coward · Score: 4, Informative

      Uh no, those hotspot things require people to be a subscriber, it's not pure public and unrestricted access.

    3. Re:Run your own equipment by neghvar1 · Score: 3, Informative

      This is why I always run my own router behind the ISP's router. Create a DMZ between the 2 routers with a 255.255.255.252 subnet so that the only available IP addresses are one for the WAN port on my router and the other for the LAN port on the ISP router.

    4. Re:Run your own equipment by Anonymous Coward · Score: 2, Informative

      But they can't, since once they stop subscribing, they're no longer able to use the WiFi.

      So quit all you want, then you can't mooch because they're actively requiring you to be a subscriber.

      Is this flying past you somehow?

  2. Belkin N150 by Anonymous Coward · Score: 5, Informative

    Why doesn't the OP mention that they're only talking about the Belkin N150, with various versions of the firmware prior to v1.00.08?