Security flaws are plaguing devices one-by-one and network routers are the latest to bear the brunt of such flaws as lately, security flaws in routers are being exploited by attackers with extreme enthusiasm. Their aim is to exploit the flaws and launch massive distributed denial-of-service (DDoS) DDoS attacks for bombarding networks with traffic and shutting the entire system down.
That’s why security researchers are trying to focus on security flaws in routers and identifying potentially exploitable vulnerabilities. Reportedly, CERT has identified a critical security flaw in some models of routers created by Netgear.
Carnegie Mellon University’s public vulnerability database (CERT) has revealed a startling new fact about Netgear routers in its latest advisory posted on Friday. According to the findings of CERT, Netgear’s R7000 and R6400 routers are vulnerable to a random command injection flaw. These routers run on current and recent firmware respectively. However, it is suspected that other models of Netgear routers might also be vulnerable.
The vulnerability is being termed as a serious and severe one because if cyber-criminals are able to exploit it then can easily acquire root privileges and run arbitrary commands. What makes the issue a lot more concerning is the fact that the code through which this vulnerability can be exploited has been released online. This would allow anyone to conduct attacks and get root privileges.
To exploit this vulnerability, an attacker has to trick the user into logging on to a website, which contains the malicious code. This website would play the role of an invisible web frame created for the sole purpose of exploiting the flaw. If the attacker adds commands to the IP address of the targeted router, ports like Telnet can be opened on the router.
Currently, there is no specific indication of the number of users who might have been affected by this flaw because Netgear’s spokesperson did not issue any statement regarding the flaw.
Last month it was Mirai botnet whose developer released its source code online and since then there has been an increase in large-scale cyber attacks. In fact, last week several countries in Europe including Germany had its routers attacked with an updated version of Mirai botnet.