toggle

AAPL Stock: 121.3 ( -1.07 )

Printed from http://www.macnn.com

Escalating privileges Linksys, Netgear router bug not fully patched

updated 02:12 pm EDT, Tue April 22, 2014

Flaw slightly obscured by firmware patch, researcher calls exploit intentional

A security flaw in some Linksys and Netgear routers discovered this winter, thought to be patched, has only been marginally hidden. Instead of the router listening and obeying command packets on port 32764, now the command must be prefixed by a specially-crafted packet, which reactivates the flaw, and allows for remote command and seizure of afflicted routers.

TCP port 32764 is the target of the hack, which still remains free of documentation from either Linksys or Netgear. After some testing, researcher Eloi Vanderbeken gained access to a command line interface for the router, which allowed a script to be written granting him administrative access.

The special packet to reactivate the flaw was used by "an old Sercomm update tool," so the "security by obscurity" method chosen to patch the flaw out isn't particularly obscure. Simply, the packet contains an MD5 hash of the model number of the router being attacked.

The packet must either be sent from inside the network, or from the ISP itself. However, a "broadcast" from an ISP could mass-enable many routers at once to reactivate the flaw. Given the poor patching of the flaw, Vanderbeken believes the original flaw to be intentional given the haphazard nature of the "fix," and not an accident at all.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

Follow us on Facebook

toggle

Most Popular

Advertisement

Recent Reviews

HP 14-x030nr 14-inch Chromebook

If you're like us, chances are you've come to realize that you need the ability to access the Internet on the go. Also, you've prob ...

15-inch MacBook Pro with Force Touch

Apple's 15-inch Retina MacBook Pro continues to be a popular notebook with professional users and prosumers looking for the ultimate ...

Typo keyboard for iPad

Following numerous legal shenanigans between Typo -- a company founded in part by Ryan Seacrest -- and the clear object of his physica ...

toggle

Most Commented