![]() He has also released an exploit code for testing purpose, written in Python. If exploited by bad actors, the vulnerability that completely bypasses any password on a Netgear router could give hackers complete control of the affected router, including the ability to change its configuration, turn it into botnets or even upload entirely new firmware.Īfter trying out his flaw on a range of Netgear routers, Kenin was surprised to know that more than ten thousand vulnerable devices used the flawed firmware and can be accessed remotely. This would include public Wi-Fi spaces like cafés and libraries using the vulnerable equipment." "However, anyone with physical access to a network with a vulnerable router can exploit it locally. By default this is not turned on," Kenin said. "The vulnerability can be used by a remote attacker if remote administration is set to be internet facing. While the router vendor claims the remote management option is turned off on its routers by default, according to the researcher, there are "hundreds of thousands, if not over a million" routers left remotely accessible. ![]() ![]() So, the researcher started looking for ways to hack his own router and found a couple of exploits from 2014 that he leveraged to discover this flaw which allowed him to query routers and retrieve their login credentials easily, giving him full access to the device.īut Kenin said the newly discovered flaw could be remotely exploited only if the router's remote management option is enabled. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |