Asus RT series routers vulnerable

Security Week has the story:

Discussion of researcher Longenecker posting the CVE-2014-2718 and CVE-2014-2719 shows flaws for the Asus RT series routers, either with the admin password being revealed or that the firmware update process does not use https (port 443), a secured/encrypted method.

a man-in-middle(MitM) attack can occur, since a http session can be  intercepted.

Sure a MitM attack is not the easiest attack to carry out, as some other attack had to have occurred in the network vicinity.  But as we know in the security field, it is always about escalation of privileges, and a toehold becomes a foothold, and then a truck drives through.

 

Longenecker also uncovered the following method of update on the Asus router:

Webs_update.sh next uses wget (a simple non-GUI web browser) to download the lookup file

so the router is also using wget (I wonder if the wget vulnerability hits this router as well?)

I dont have an Asus router to review it for the wget vulnerability?  Maybe this router can be hacked quicker/easier than a MitM attack.

Firmware_upgrade_pageAsus-RT image also from Longenecker website

 

But Asus has a solution for most of the routers

http://www.asus.com/microsite/2014/networks/routerfirmware_update/

They also recommend to change the default Admin password(in case you have not done so already?):

How to change default firmware password:

​Go to ASUSWRT>”Administration”>”System“, enter the new login name and password and click the “Apply” on the bottom.

 

As per CVE-2013-5948  site shellcode injection can cause remote authenticated users to inject arbitrary commands  So please update firmware beyond the 3.0.0.4.374.5047 and later  and change your admin password.

 

@CraigTweets   has SOHO wireless router (in)Security page at Tripwire
This site discusses ping shellcode injection among others, poor SOHO router security 

It looks like Tripwire Patch Priority index is a month behind (Still in September)


contact Us to perform a Ψ Wifi security assessment.