14 DAY TRIAL // Security researchers from Independent Security Evaluators (ISE) have analyzed 13 small office / home office (SOHO) routers and wireless access points to see just how vulnerable they are to cyberattacks.
They’ve found that all of the 13 devices can be compromised by a local attacker. Even more worrying is the fact that 11 of them can also be attacked remotely.
“Our research indicates that a moderately skilled adversary with LAN or WLAN access can exploit all thirteen routers. We also found that nearly all devices had critical security vulnerabilities that could be exploited by a remote adversary, resulting in router compromise and unauthorized remote control,” ISE wrote in its report.
The company explains that the vulnerabilities they’ve identified can be leveraged to take full control of the router’s configuration settings and, in some cases, an attacker can even intercept or modify network traffic.
The list of tested devices includes Linksys WRT310Nv2, Belkin N300, Belkin N900, Belkin F5D8236-4 v2, Linksys WRT310v2, Verizon FiOS Actiontec MI424WR-GEN3I, Netgear WNDR4700, TP-Link WR1043N and D-Link DIR865L.
The most serious issues affect the Belkin N300 and N900 routers. Both local and remote attackers can compromise them without the need for authentication credentials.
It’s clear that end-users are at risk because of these vulnerabilities. But what happens if such routers are utilized by ISPs?
“If any ISP deploys a router at scale with these types of vulnerabilities—or has many customers using routers with these types of vulnerabilities—an adversary may leverage the vulnerabilities to directly attack the provider, core infrastructure, or other organizational targets, e.g., corporations and nation-states,” ISE explained.
All the impacted vendors have been notified and given time to address the issues. However, considering that only 8 of the 13 routers have been named, it’s likely that there are still some unpatched issues.
Unfortunately, according to the experts, there’s no way in which average end-users can mitigate these attacks, unless the vendor has updated the firmware, in which case, the new firmware should be installed as soon as possible.