Open-source firmware bug exposes router vulnerabilties

Started by Rik, Jul 22, 2009, 10:57:27

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Rik

El Reg reports that:

QuoteA hacker has discovered a critical vulnerability in open-source firmware available for wireless routers made my Linksys and other manufacturers that allows attackers to remotely penetrate the device and take full control of it.

The remote root vulnerability affects the most recent version of DD-WRT, a piece of firmware many router users install to give their device capabilities not available by default. The bug allows unauthenticated users to remotely gain root access simply by luring someone on the local network to a malicious website.

QuoteDD-WRT is open-source firmware that runs more than 200 different models of wireless routers and embedded devices, including those made Linksys, D-Link, Buffalo, and Netgear.

We really do have to work hard to stay safe these days. :(
Rik
--------------------

This post reflects my own views, opinions and experience, not those of IDNet.

somanyholes

if you want more info

http://www.milw0rm.com/exploits/9209

just seen it's already included in previous link , slaps himself.

Sebby

Quote from: Rik on Jul 22, 2009, 10:57:27
El Reg reports that:

We really do have to work hard to stay safe these days. :(

True, though it is an unofficial firmware, a bit like DGTeam, and therefore I'd say you should be aware of the associated risks when installing it.