Researchers from the German IT Magazine publisher CHIP discovered hundreds of potential vulnerabilities across nine vendors of popular wireless routers. The following vendors could be affected:
The researchers analysed the configuration of network devices using the IoT Inspector’s firmware security platform, which performs automated checks for thousands of CVEs. The most common identified issue, in the devices assessed, were instances of outdated Linux Kernel versions. Followed by outdated multimedia and VPN functions, hardcoded and weak credentials and insecure communication protocols.
Whilst some of these vulnerabilities have been classified as false positives, an attacker who successfully exploits a vulnerability in a Router can:
- Intercept traffic on a network, including sensitive information such as credentials.
- Pivot from the outside onto the internal network, establishing a foothold on internal infrastructure.
- Deny legitimate users access to the server.
The following Router models are known to be affected:
- TP-Link Archer AX6000 – 32 vulnerabilities
- Synology RT-2600ac – 32 vulnerabilities
- Netgear Nighthawk AX12 – 29 vulnerabilities
- Asus ROG Rapture GT-AX11000 – Multiple five or more
- Edimax BR-6473AX – Multiple (five or more)
- Linksys Velop MR9600 – Multiple (five or more)
- AVM FritzBox 7530 AX – Multiple (five or more)
- AVM FritzBox 7590 AX – Multiple (five or more)
The following actions should be taken:
- Router factory settings should be changed, most importantly, the password. The password should be in line with NIST guidance. This goes for the management interface as well as the Wi-Fi password. Consider changing the SSID name to one that does not disclose the model of the router.
- Update the routers firmware version and enable automatic updates if possible.
- Configure WPA2-Enterprise if not in use already. Please see the link for guidance on achieving this on Cisco Routers.
- Consider implementing RADIUS within your network to authenticate and authorise users to your Wi-Fi network. Please see the link for guidance on achieving this on Cisco Routers.
Source: Security Affairs