Slashdot Mirror

← Back to Stories (view on slashdot.org)

RealTek SDK Introduces Vulnerability In Some Routers

Posted by Soulskill on from the won't-fix dept.

jones_supa writes: SOHO routers from manufacturers including at least Trendnet and D-Link allow attackers anywhere in the world to execute malicious code on the devices, according to a security advisory issued over the weekend. The remote command-injection vulnerability resides in the "miniigd SOAP service" as implemented by the RealTek SDK. Before someone asks, there is no comprehensive list of manufacturers or models that are affected. Nerds may be able to spot them by using the Metasploit framework to query their router. If the response contains "RealTek/v1.3" or similar, the device is likely vulnerable. For now, the vulnerable routers should be restricted to communicate only with trusted devices. HP's Zero Day Initiative reported the bug confidentially to RealTek in August 2013, but the issue was disclosed 20 months later as no fix has been provided.

20 of 35 comments (clear)

  1. Sounds like a good policy anyway. by ron_ivi · · Score: 2

    should be restricted to communicate only with trusted devices

    Sounds like a good policy anyway.

  2. I knew it! by Anonymous Coward · · Score: 1

    You can't trust "realtek", they are everywhere yet none of their products are worth a dime.

  3. Er. 201*4*, no? by seebs · · Score: 2, Interesting

    TFA says 2014, not 2013. And thus, not 20 months later.

    --
    My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
  4. Fritz!Box by DrYak · · Score: 1

    And I knew it was a good idea to go for AVM's Fritz!Box-es...

    (regular updates even for old models, no market segmentation where models only differ by firmware, trying to cram as much feature in one model as possible instead of launching 20 subtly different models, etc.)

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  5. Re:My 2c by jonwil · · Score: 1

    And what about when the router you use is an all-in-one provided by your ISP and you dont get a say in which one you use?
    Like cable companies that provide a cable modem/router and dont give you any choice but to use theirs.
    Or things like Verizon FiOS or AT&T U-Verse where they provide the same (modem/router in the one box)

  6. Or maybe support an Open Source option? by mcrbids · · Score: 2

    You could do that, or you could buy a router pre-configured with OSS from the factory. It's not even expensive at ~ $50.

    I bought a similar model about a year ago, and its large antennas and decent range/speed make it the best router I've yet had. If it's not even more expensive, why not support a vendor that supports (more) secure, Open Source solutions?

    I have no relationship with this vendor other than being a happy customer

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
    1. Re:Or maybe support an Open Source option? by Anonymous+Brave+Guy · · Score: 1

      Interesting idea, but the hardware spec for that device is so lacking in basic facilities that it will probably be a non-starter for a lot of people.

      --
      If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
    2. Re:Or maybe support an Open Source option? by drinkypoo · · Score: 1

      You could do that, or you could buy a router pre-configured with OSS from the factory. It's not even expensive at ~ $50.

      They don't seem to offer a model with GigE. That's an abject failure, today. Anything contemporary and not heinously expensive?

      FWIW, I'm using a C2D PC with 1xGigE, and a QFE card for routing and some ethernet ports, and 5-port switches on both the GigE and 100Mbps segments, then a Mikrotik Routerboard (411, IIRC) running OpenWRT to handle the WiFi. The total cost is somewhere around $120, but it does dramatically more...

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    3. Re:Or maybe support an Open Source option? by mcrbids · · Score: 1

      By spec, wireless N, up to 300 Mbit.

      In practice, I've gone through 4 different routers, and so far, this one has come out on top. It has two decent antennas which may be some of that difference, to be fair.

      My house was (over)built in the 1970s with 3/4" sheet rock, making each room almost like a Faraday cage - getting wifi signal *at all* from two rooms over is spotty at best. In my bedroom (2 doors away from the hotspot) I see about 15-20 Mbits, but in the same room I see up to ~ 40 Mbits for torrents. (50 Mbit connection, shared)

      Oh, and it being open source, I'm gonna bank on its code quality being a bit better...

      --
      I have no problem with your religion until you decide it's reason to deprive others of the truth.
    4. Re:Or maybe support an Open Source option? by amalcolm · · Score: 2

      why not support a vendor that supports ... Open Source solutions?

      Because open source software sucks balls?

      Isn't that a feature ? :)

      --
      Time for bed, said Zebedee - boing
  7. Re:My 2c by UnderCoverPenguin · · Score: 1

    And what about when the router you use is an all-in-one provided by your ISP and you dont get a say in which one you use?
    Like cable companies that provide a cable modem/router and dont give you any choice but to use theirs.
    Or things like Verizon FiOS or AT&T U-Verse where they provide the same (modem/router in the one box)

    So far, in my experience, cloning a PC's mac address to your own router's WLAN port has worked for me and for friends of mine. And since my router (as well as most of the PCs in my house) is running a version of Linux, I can truthfully say I'm running Linux.

    --
    Don't try to out wierd me, three-eyes. I get stranger things than you, free with my breakfast cereal. --Zaphod Beeblebr
  8. Re:My 2c by HannethCom · · Score: 1

    Shaw Cable in Canada allows you direct access to the configuration of the modem/router/wifi box. Unfortunately, if you turn off the wifi, it doesn't completely turn off the wifi. You have to call Shaw and get them to disable wifi on their side as turning if off in the software doesn't actually shut off the wifi, it just disables people seeing and connecting to it. The modem/router/wifi sometimes cuts out the cable modem part for a couple of minutes a few times a day if the wifi is enabled at all.

    --
    Microsoft, Apple, Google, Amazon what's the difference? All steal money from devs and control with walled gardens.
  9. Re:My 2c by gstoddart · · Score: 1

    Put your firewall behind their router?

    Yes, you have to use theirs to connect to the network .. but then you don't trust it and use your own.

    Or, will that not work for you?

    Because there's no way in hell I'd plug my PC directly into a router provided by my ISP. No fucking way. I trust neither them nor their security.

    Hell, I'm not even on the same router/wifi network as my wife, we both have a router connected to the ISPs router.

    It's just a device which gets a DHCP address, isn't it?

    --
    Lost at C:>. Found at C.
  10. Why are they allowed to get away with this? by Required+Snark · · Score: 1
    Suppose you bought a kitchen appliance and under a particular set of conditions it fried all the wiring in you house, and perhaps caused it to burn down. There would be a recall, and a lot of civil litigation. Why are electronic equipment manufacturers allowed to get away with this kind of crap?

    It's even worse, because unlike a lot of other gear, they can actually fix the problem in the field. They don't have to do a physical recall like car companies do. What they need is remote update features.

    I think it goes back to Windows. Gates and friends set the standard that computers would break, and that the users had no recourse. If it crashed and you lost something important you were just out of luck. No guarantee on anything.

    Now that everyone has accepted that manufacturers have no responsibility, we are completely stuck with infrastructure that makes it impossible to have secure online transactions. Users are deliberately kept in the dark and known bugs remain unfixed.

    Until there is some change in the law that places liability where it belongs, on the manufacturers, nothing will change. Given the current political climate there is no chance of change. We're just screwed.

    --
    Why is Snark Required?
    1. Re:Why are they allowed to get away with this? by MechaStreisand · · Score: 2

      Liability belongs with the ones making a profit from it, Anonymous Idiot.

      --
      Disclaimer: IANAL. This post is, however, legal advice, and creates an attorney-client relationship.
    2. Re:Why are they allowed to get away with this? by amalcolm · · Score: 1

      Why? If a manufacutere decides to use ANY software in his product, it's up to him/her to A: test the software in the configuration he installs it in, on his hardware B: fix bugs and provide patches/updates This is irregardless of the provenance of the software. If its FOSS, there is at least the possiblity that bug fixes and updates will be provided for him/her by trhe community that wrote/supprts it, saving time and effort. As was stated above, when you start making a profit from software, however it was sourced, the manufactureere should take responsibility for it, throughout its lifetime.

      --
      Time for bed, said Zebedee - boing
    3. Re:Why are they allowed to get away with this? by viperidaenz · · Score: 1

      But it as a consumer and leverage your consumer rights you are granted in by your local laws. They're usually something along the lines of fit for purpose and of acceptable quality. Retails usually must provide remedy, replacement or refunds.

  11. Re:My 2c by tlhIngan · · Score: 1

    Shaw Cable in Canada allows you direct access to the configuration of the modem/router/wifi box. Unfortunately, if you turn off the wifi, it doesn't completely turn off the wifi. You have to call Shaw and get them to disable wifi on their side as turning if off in the software doesn't actually shut off the wifi, it just disables people seeing and connecting to it. The modem/router/wifi sometimes cuts out the cable modem part for a couple of minutes a few times a day if the wifi is enabled at all.

    If you're on Shaw,give Customer Service a call and ask them to set your modem to bridge mode. (Shaw disables the option to do it from the web GUI). This turns off the router complete and it just bridges the DOCSIS modem to the LAN ports. If you have the Cisco modem, it's bridged to all 4 "LAN" ports. If you have the SMC or HiTron modem, it's bridged to port 1 only.

    Stick your regular router to that port and you're done. No need to do anything fancy to use your router.

    Note that startup's a bit tricky as the modem will run the routing software for a minute first in case you want to change the settings, before it resets itself and sets up the bridge. Sometimes my router grabs the settings IP (192.168.100.x) and needs to be released/renewed to grab the proper WAN IP.

    Bridged my modem, run a super nice high end router on it and never looked back.

  12. Not a bug. Won't fix. by Anonymous Coward · · Score: 1

    This is our hardware. We made it, we're going to have a backdoor into it.

  13. Re:My 2c by viperidaenz · · Score: 1

    It looks like this issue only effects routers running some version of Linux, since miniigd is an application designed to run on Linux.

    Here's a copy of its start-up script
    https://github.com/KrabbyPatty...