
Linksys and ASUS Router Vulnerability

MustISO

Lifer
Linksys:
Devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.

Linksys SMART WiFi firmware on EA2700 and EA3500 devices;
before 2.1.41 build 162351 on E4200v2 and EA4500 devices;
before 1.1.41 build 162599 on EA6200 devices;
before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices;
and before 1.1.42 build 161129 on EA6900

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8244
http://www.kb.cert.org/vuls/id/447516

ASUS:

Overview

ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2718
 
Not too worried about the ASUS one tbh. As far as I remember, there is no auto-update option for router firmware updates so the attacker would specifically need to infect your system with malware that redirects requests to the ASUS update sources and host their own mirror of the service/website on top of crafting and hosting compromised firmware images. That's some pretty serious overhead, and if you're infecting someone with malware already you might as well cut out the rest of the steps and infect them with something more directly malicious.
 

I know the T-Mobile-branded Asus RT-AC68U's have an auto-update feature for both the firmware and now the CFE (bootloader). I don't think that this would be carried to the mainstream Asus products though.

(Note: The firmware and bootloader on the TM unit are customized Asus firmwares)
 
Not surprised by the man-in-the-middle attack, really... I'm worried when Windows Update is hit by that, but not so much ASUS firmware. (I use Merlin, anyway. So hah!)
 