New Vulnerability Affects Millions of Routers
A simple flaw has left millions of home and office routers at risk: a vulnerability that leaves these devices open for remote hacking and cyber attacks.
The problem that was brought into the world’s attention lies in NetUSB. A port that gives access between the router and USB devices for connection. According to SEC Consult Vulnerability Lab, Stefan Viehbock, the Taiwanese developed propriety software Kcodes is the main cause for vulnerability.
As part of the connection initiation, the client sends his computer name. This is where it gets interesting: the client can specify the length of the computer name. By specifying a name longer than 64 characters, the stack buffer overflows when the computer name is received from the socket. All the server code runs in kernel mode, so this is a ‘rare’ remote kernel stack buffer overflow.
Major router manufactures such as TrentNet, TP-Link and Netgear have this component in their models. However for now, only TP-Link has taken this information seriously and promised patches for 40 of its devices.
The gaining access part is kind of easy; during the authentication process when a PC is connected to the NetUSB, it produces a name for future recognitions. While the process itself is futile, the encryption data can be easily accessed. All the attacker has to do further is acquire access of buffer overflow using network force by entering a name exceeding 64 characters.
“Attackers within the local network can easily exploit this issue,” says head of SEC Consult Vulnerability Lab Johannes Greil. Whether the hacker wants to now spy or corrupt the device depends on the attacker.
Source: SEC Consult