Slashdot Mirror

← Back to Stories (view on slashdot.org)

At Least 700,000 Routers Given To Customers By ISPs Are Vulnerable To Hacking

Posted by Soulskill on from the seeds-of-a-class-action dept.

itwbennett writes: More than 700,000 ADSL routers provided to customers by ISPs around the world contain serious flaws that allow remote hackers to take control of them. Most of the routers have a 'directory traversal' flaw in a firmware component called webproc.cgi that allows hackers to extract sensitive configuration data, including administrative credentials. The flaw isn't new and has been reported by multiple researchers since 2011 in various router models.

3 of 96 comments (clear)

  1. Service backdoors by Registered+Coward+v2 · · Score: 4, Interesting

    Having been a field engineer, where I had to fix and make work the stuff the idiots who called them selves engineers doing the design, having a backdoor to access systems was very useful. Customer didn't remember the password? No problem, I still had a way into the control system. I did, however, wonder what other equipment had the same "feature?" My stuff had no public facing interface no network connection so illicit access was not an issue except maybe if a disgruntled employee decided to have some fun; but the general design approach was "we need backdoors for support reasons" and that mentality carried over as equipment became more connected and no one ever seems 2015-03-20o question it or assess the risks vs reward for such a design philosophy. Of course, no one would ever access the proprietary "Company Confidential" engineering support documentation, right? It's kept safe right here on our internal document so no one weill ever know our backdoor user is "admin" with a password of "Pass1234" and thus we can make them easy for our field support staff, who we at HQ all know are dumb knuckle dragging mouth breathers anyway, to remember.

    --
    I'm a consultant - I convert gibberish into cash-flow.
  2. Re:And this is why... by Anonymous Coward · · Score: 3, Interesting

    Why don't you just buy a docsis 3 modem then? Stop paying for the privilege of renting a modem.

  3. Many routers are hacked to use a rogue DNS by Anonymous Coward · · Score: 4, Interesting

    Many of the routers in Thailand are hacked to use a DNS owned by a Lebanese company that replaces the DNS entries of ad-networks by their own ad-networks and redirect servers.

    The largest ISP hands out ZyXEL routers that are vulnerable. This is probably also happening in other countries, only for Thailand this must be already a million dollar business.

    Check the DNS entry of your router! You might not observe that you are hacked if you use an ad-blocker or hard-coded DNS in your system.