Cisco has announced that a security bug in many of their cable modems and wireless residential gateways could exploit users’ home networks, allowing hackers to hijack the devices remotely.
Cisco noted that hackers successfully exploiting this flaw would be capable of crashing the web server and executing arbitrary code, while using elevated privileges.
“The vulnerability is due to incorrect input validation for HTTP requests,” reported Cisco’s security advisory. “An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device.”
The following Cisco products were affected by the vulnerability:
- Cisco DPC3212 VoIP Cable Modem
- Cisco DPC3825 8×4 DOCSIS 3.0 Wireless Residential Gateway
- Cisco EPC3212 VoIP Cable Modem
- Cisco EPC3825 8×4 DOCSIS 3.0 Wireless Residential Gateway
- Cisco Model DPC3010 DOCSIS 3.0 8×4 Cable Modem
- Cisco Model DPC3925 8×4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA
- Cisco Model DPQ3925 8×4 DOCSIS 3.0 Wireless Residential Gateway with EDVA
- Cisco Model EPC3010 DOCSIS 3.0 Cable Modem
- Cisco Model EPC3925 8×4 DOCSIS 3.0 with Wireless Residential Gateway with EDVA
Cisco has issued an update to patch the flaw, but also adds there are currently no known workarounds for the vulnerability.
Tripwire researcher Craig Young recently performed extensive testing on a variety of Small Office/Home Office (SOHO) wireless routers, revealing that 74 percent of Amazon’s top 50 best-selling routers have security vulnerabilities.
In addition, 34 percent of Amazon’s top 50 selling models have publicly documented exploits available, making it relatively simple for attackers to use this information to craft targeted attacks or simply attack all the vulnerable systems they can find.
“SOHO router security is essentially an oxymoron,” said Young. “Most of the routing equipment marketed to consumers and small businesses demonstrate shockingly bad security practices.”
Young’s router research also found that these routers can be manipulated to change settings, disclose passwords, and even hand over complete management control to an unauthenticated attacker.
As a member of Tripwire’s Vulnerability and Exposure Research Team (VERT), Young notes that while addressing issues similar to Cisco’s router vulnerability, the team has found that at times, vendors do not disclose appropriate bug fixes, patching only a small portion of those affected or none at all and rarely communicating the severity of resolved issues.
“Router vulnerabilities are a serious problem due to the risk of attackers manipulating DNS settings to redirect personal internet traffic for a variety of scams,” warned Young.
Young will present research on WiFi hacking at the upcoming DEF CON conference on August 7-10, 2014, in Las Vegas, Nevada.
Read More Here…