dslreports logo
site
spacer

spacer
 
   
spc
story category
Exploit Found in Linksys, Netgear DSL Modems, Gateways
by Karl Bode 04:28PM Thursday Jan 02 2014
Reddit users point out that security researcher Eloi Vanderbeken has posted documentation to GitHub indicating they've found an exploit in a number of older DSL modem gateways made by both Netgear and Linksys. Vanderbeken posted uh, creative Powerpoint presentations and sample code highlighting how the exploits allow an intruder to reset a machine's configuration and gain access to the devices' administrative control panel. So far, he's confirmed the backdoor is present in the Linksys WAG200G, Netgear DM111Pv2, Linksys WAG320N, Linksys WAG54G2, DGN1000 Netgear N150, Netgear DG834G, and Diamond DSL642WLG. The (sort of) good news? It requires the attacker be on your local network.

view:
topics flat nest 

Tsume
Premium
join:2004-02-23
Johnson City, TN
Reviews:
·Comcast

Netgear routers not secure

You can enable and access a telnet server running on most Netgear routers, so long as you are connected to the router on the local network.

»wiki.openwrt.org/toh/netgear/telnet.console

There is no way to disable this "feature". Even if you change the administrator password on your router, it does not change the default password used to enable telnet access. Even brand new models like the R7000 are affected by this.
--
to whoever anonymously gave me premium membership... thanks!

Simba7
I Void Warranties

join:2003-03-24
Billings, MT

Re: Netgear routers not secure

One reason I utilize OpenWrt on any DSL router that I can throw it on.

Tsume
Premium
join:2004-02-23
Johnson City, TN

Re: Netgear routers not secure

Sadly there is no solid OpenWRT for the R7000. Something about NAND memory. DD-WRT build by Kong is alright, but still too buggy for daily use. Hopefully soon!
--
to whoever anonymously gave me premium membership... thanks!

AnonMan

@comcast.net

That's what you get on a home device.

Well, these are HOME routers, not for business so it's expected they won't be as secure. Some of these are intentional doors left open to aid in failed FW flash or troubleshooting etc.

aadd

@macewan.ca

Re: That's what you get on a home device.

Agree'd once the NSA has direct access to your internal network, a router backdoor is the least of your worries.

battleop

join:2005-09-28
00000

Re: That's what you get on a home device.

That's the most original and clever comment all year.
en103

join:2011-05-02

Re: That's what you get on a home device.

The year is only day days old.

battleop

join:2005-09-28
00000

Re: That's what you get on a home device.

Exactly. It's time to move on the next dead horse.

KrK
Heavy Artillery For The Little Guy
Premium
join:2000-01-17
Tulsa, OK

Re: That's what you get on a home device.

Still waiting....

battleop

join:2005-09-28
00000
A huge number of businesses small and large use these products. Partly because they are cheap and partly because they don't know any better.
--
I do not, have not, and will not work for AT&T/Comcast/Verizon/Charter or similar sized company.

loli
Premium
join:2002-08-26
South Richmond Hill, NY

Professionalism

That is definitely a unique... presentation.

Karl Bode
News Guy
join:2000-03-02
kudos:39

Re: Professionalism

From what I understand he is actually respected in the field.....but...yeah.

Link Logger
Premium,MVM
join:2001-03-29
Calgary, AB
kudos:3
Just some good old fashion hacking, nice to see, but if the bad guy is on your LAN it probably doesn't matter which one of like a billion technique they use to finish you off. Again I have to said, nice bit of hacking though, points for being old school (really the only school but hey whats a buffer overflow between friends). As far as the presentation went, I hate write ups too.
--
Vendor: Author of Link Logger which is a traffic analysis and firewall logging tool

cork1958
Cork
Premium
join:2000-02-26

Re: Professionalism

said by Link Logger:

Just some good old fashion hacking, nice to see, but if the bad guy is on your LAN it probably doesn't matter which one of like a billion technique they use to finish you off.

No doubt about that, huh?
--
The Firefox alternative.
»www.mozilla.org/projects/seamonkey/
cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:8

Backdoor, or door with no locks?

This is more "how the windows configuration tool works" than "backdoor". You have to be on the local network (ie. INSIDE) to use it; if you have hackers inside your network, you've already failed.

More security through obscurity, and ease of use trumps security... *yawn*
dra6o0n

join:2011-08-15
Mississauga, ON

Re: Backdoor, or door with no locks?

If the NSA can hijack a system 8 miles away then what stops hackers from breaking into a system without a direct connection?
cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:8

Re: Backdoor, or door with no locks?

Billion dollar R&D budget.

also, the nsa hack places them within your network.

Kasoah

join:2013-08-20
not really, just create a script that makes a user access their router and then sends that information remotely
cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:8

Re: Backdoor, or door with no locks?

Did you look at how this works? It's more complicated than a "script".

Mercurybird
Premium
join:2004-06-24
Hooks, TX
kudos:1
Reviews:
·Windstream

I have a Linksys...

and it's running DD-WRT. I need to ask over at the DD-WRT forum and see what their response is to this. Oh yeah- I need to put my Smoothwall system back in the mix. I guess I've been slippin'.
--
Why do cement trucks and school buses go too fast?