Network, Netgear routers are exposed to severe DNS vulnerability,vulnerable to hacking-vulnerability warning-the black bar safety net

2015-10-12T00:00:00
ID MYHACK58:62201567773
Type myhack58
Reporter 佚名
Modified 2015-10-12T00:00:00

Description

! Recently, the network device Netgear routers is found that there is a serious DNS vulnerability, at present, the network member has not yet patched the published vulnerabilities, which allow attackers to tamper with the affected router's DNS settings, it will affect its router security, estimated more than 1 0,0 0 0 Station router has been under attack. Two home security companies each found the vulnerabilities The network member has previously been both home security company to inform the vulnerability information, the beginning is by the Swiss security company Compass Security this year 7 month to find, but that time has not been disclosed, and in 9 months time, Shellshock lab security experts published, according to its published information, the vulnerability allows the router“unauthorized authentication access to the root directory.” Shellshock reminded that the current user should be the router's WAN re-management, to avoid being exploited. It is reported that the vulnerability affects routers N300_1. 1. 0. 31_1. 0. 1. img and N300-1.1.0.28_1.0.1. img firmware. Using this vulnerability, an attacker would need the router login password, you can access its management interface. From Compass Security of inform the information point of view, the network device Netgear in 7 on 2 1 may have been informed of the vulnerability information, but so far, also just released a response. Exploits 1 When a user needs to access the router Management Interface, initially need to go through a user login interface 2)if it is assumed that he does not know the user name and password, the login result will be directed to 4 0 1 page 3, and when the attacker attempts to repeatedly access http://BRS_netgear_success. html page The attacker will eventually succeed in getting access to the management interface of permissions without user login account and password. The fixed version has not yet been released According to the current Master of the message, the more strange is, the net member during this period to Compass Security company a beta firmware fix version for testing, and finally also the validation of the beta version may fix this vulnerability, but so far the network has not officially released the firmware update version. According to Compass Security's Chief Technology Officer, The Currently according to the exact analysis can determine due to the vulnerability caused by at least 1 0,0 0 0 Station router being invaded, and let a person incomprehensible is, the network member was on the BBC declared the attack the number of routers is less than 5,0 0 0 stations.