Cisco kindly reveals proof of concept attacks for flaws in rival Netgear's kit Public proof-of-concept exploits have landed for bugs in Netgear Orbi routers – including one critical command execution vulnerability. The four vulnerabilities are found in Netgear's Orbi mesh wireless system, including its main router and the satellite routers that extend Wi-Fi networks. Cisco Talos researchers disclosed …
In the office, cable network connections are much harder to hack and easier to defend and observe any fake internal access attempts. All you need to do is make the Internet access via a professional firewall that block all access except what you specifically need - that makes you a lot safer. Certainly it's harder to setup this operating method than just buying a Wi-FI network box that hasn't been hacked this week.
Originally a network was only setup by an expert technician and was not easy to play with, but nowadays we all go with "easy to use" devices and it seems that hacking and malware delivery attempts are continuous. This is just how I've seen networking change since 1975, there were a few hacks many years earlier but nothing like the daily hacking attempts these days.
If the attacker has to be authenticated, then they're already the wrong side of the door and can do all kinds of things.
Seems to me that "Router administrator can execute arbitrary commands" is fairly low importance, given what else an administrator is supposed to be able to do anyway.
What am I not seeing?
This post has been deleted by its author
"hidden telnet service functionality"
Combine clear text telnet protocol with security through obscurity - says it all.
Apologies if its kerberized telnet but I think unassisted porcine aviation more likely.
Just from the story it sounds like you actually have to construct an ethernet frame with the br-lan mac address as the ethernet destination and inside that the ip/tcp/telnet packet in which case I think you would need to be on the same subnet or ethernet segment.
When the attacker is aready within your walls and you have retreated to your donjon who owns the gatehouses probably the least of your concerns :)
Security Theatre should have its own awards categories. We could start with Premio Ubu - unfortunately not named after Alfred Jarry's Ubu character but would have been singularly appropriate for my proposed award categories.
Do we know whether the vulnerabilities were introduced by the Chinese during manufacturing?
Netgear is an American company, so I wouldn't be surprised if the Chinese had infiltrated Netgear and introduced backdoors/security vulnerability in their equipment - I mean they're everywhree nowadays - how can you trust any of them?
Best put them in camps for their safety and security!
Really? The use of the word hidden suggests to me that this is an undocumented telnet backdoor? That is a vulnerability in itself.
But why telnet? And a local password?
Nothing but nothing should use telnet. The only reason I can see to use it would perhaps be for initial setup. Although I would always prefer a console port for initial setup. At least that requires physical access to the kit. But then cheap kit never seems to come with a console port
Really? The use of the word hidden suggests to me that this is an undocumented telnet backdoor? That is a vulnerability in itself.
It's a feature..
But why telnet? And a local password?
Because Telnet is widely implemented on many PCs, servers and iThings. So you do some spearfishing, get into a device on the inside of the network. Then telnet from the 'trusted' side of the network, use the backdoor to open the front door, and Bob can then invite Alice in to party. It always used to amaze me the number of businesses that should have known better that thought they only needed firewalls on the outside of their networks.
Don't tell me: Netgear's response to this will be to declare the vulnerable kit outdated and no patches will be forthcoming, and instruct owners to buy new.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
