Author Topic: 9 WiFi routers and 226 security problems  (Read 3984 times)

0 Members and 1 Guest are viewing this topic.

Offline madiresTopic starter

  • Super Contributor
  • ***
  • Posts: 7673
  • Country: de
  • A qualified hobbyist ;)
9 WiFi routers and 226 security problems
« on: December 05, 2021, 11:46:08 am »
Nine WiFi routers used by millions were vulnerable to 226 flaws: https://www.bleepingcomputer.com/news/security/nine-wifi-routers-used-by-millions-were-vulnerable-to-226-flaws/

Some issues are critical, many are overstated or possibly can't be exploited (a bit clickbaity). However, update if you have one of the affected routers.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: 9 WiFi routers and 226 security problems
« Reply #1 on: December 10, 2021, 09:01:36 am »
Expected to happen...

I have dozens units....
Autoupdate is out of question..

Older chipsets just can not afford newer kernels.. and better crypto

While having focus on selling new gear obsoletes have no attention

This situation will olny gets worst w. iot

The investment in qualified people is negletable faced with invested in new gear and fancy interfaces

So expect to be a lot bad with cloud bots
 In near future of powerful SOM SOCs

Paul
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: 9 WiFi routers and 226 security problems
« Reply #2 on: December 10, 2021, 12:25:14 pm »
ALAS...

although the older ones are hopeless...

Presently I try to buy devices based on (really) smart hardware...

https://openwrt.org/supported_devices

bricky shitty firmware no more..  :-\

Paul
 
The following users thanked this post: Halcyon

Offline madiresTopic starter

  • Super Contributor
  • ***
  • Posts: 7673
  • Country: de
  • A qualified hobbyist ;)
Re: 9 WiFi routers and 226 security problems
« Reply #3 on: December 10, 2021, 12:32:04 pm »
Yep, buying SOHO routers supported by OpenWrt is a good advise for long term usage and to reduce e-waste.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: 9 WiFi routers and 226 security problems
« Reply #4 on: December 10, 2021, 12:34:09 pm »
Yep, buying SOHO routers supported by OpenWrt is a good advise for long term usage and to reduce e-waste.

They are also order of magnitude more reliable and secure..

Paul
 

Offline magic

  • Super Contributor
  • ***
  • Posts: 6730
  • Country: pl
Re: 9 WiFi routers and 226 security problems
« Reply #5 on: December 10, 2021, 03:13:16 pm »
OpenWRT will also get you maybe ten years out of it unless you select a high end machine.
It grows with bloat each year and drops support for systems which can't run it anymore.
Currently you need at least 8MB flash and 64MB RAM to run official builds.
Say goodbye to several devices popular back in the day.
 

Offline PKTKS

  • Super Contributor
  • ***
  • Posts: 1766
  • Country: br
Re: 9 WiFi routers and 226 security problems
« Reply #6 on: December 10, 2021, 04:06:54 pm »
OpenWRT will also get you maybe ten years out of it unless you select a high end machine.
It grows with bloat each year and drops support for systems which can't run it anymore.
Currently you need at least 8MB flash and 64MB RAM to run official builds.
Say goodbye to several devices popular back in the day.

The supported device list is very affordable..

Not to mention the FTP repository holds the old releases..
just in case you need an older firmware blob..

Got some time ago a bunch of TPLINK WR850 which are very well supported..

For some years now I always look the database to buy new stuff...

worthy.. better to have that kind of open and better alternative
Paul
 

Offline madiresTopic starter

  • Super Contributor
  • ***
  • Posts: 7673
  • Country: de
  • A qualified hobbyist ;)
Re: 9 WiFi routers and 226 security problems
« Reply #7 on: December 10, 2021, 04:17:21 pm »
For most of the cheap routers the manufacturers offer updates just for about two years. They want you to buy a new one every two years. AVM (Fritzbox) provides updates for up to 10 years. If you go for a more professional model, like LANCOM, you'll get also about 10 years. Telco branded routers are usually supported for a few years. One of the worst manufacturers is DLink. Many security issues (often fixed only after media coverage), poor WiFi performance, hardware-wise at the low end (often half the flash and memory compared to other manufacturers' models in the same price class) and don't expect to get updates for more than two years, even for expensive models.
 

Online SiliconWizard

  • Super Contributor
  • ***
  • Posts: 14230
  • Country: fr
Re: 9 WiFi routers and 226 security problems
« Reply #8 on: December 23, 2022, 11:23:09 pm »
For most of the cheap routers the manufacturers offer updates just for about two years. They want you to buy a new one every two years. AVM (Fritzbox) provides updates for up to 10 years. If you go for a more professional model, like LANCOM, you'll get also about 10 years. Telco branded routers are usually supported for a few years. One of the worst manufacturers is DLink. Many security issues (often fixed only after media coverage), poor WiFi performance, hardware-wise at the low end (often half the flash and memory compared to other manufacturers' models in the same price class) and don't expect to get updates for more than two years, even for expensive models.

Yeah. If you have a entry-level router, I strongly suggest having a look at OpenWrt and see if it's supported. A lot of features and will give it a second life.
 

Offline AndyBeez

  • Frequent Contributor
  • **
  • Posts: 853
  • Country: nu
Re: 9 WiFi routers and 226 security problems
« Reply #9 on: December 27, 2022, 12:31:35 pm »
Some issues are critical, many are overstated or possibly can't be exploited (a bit clickbaity). However, update if you have one of the affected routers.
I agree. I had a look at those vulnerabilities and really they make good headlines in the tech press, and probably justify someone's budget, but there is little of a real zero day threat level in the wild.

The issue is for ISPs who have large router domains. Either they push updates through their CPE programme or, declare the threat as "not our problem". I had an ISP who sent out new routers because they could or would not do an OTA update. I received a shiny new box, so no wukkas.

OpenWRT is perfect for those who are both tech and network savvy; it is not a platform for network newbies, I will add controversially. OpenWRT is a good place to learn networking principles though. Plus, the distro adds back the functionality that manufacturers are so keen to rip from their products. btw I recommend users place their OpenWRT router behind their ISP router though, maintaining their ISP's kit on the WAN side. Two firewall zones are better than (by wrong configuration) none.
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 6686
  • Country: nl
Re: 9 WiFi routers and 226 security problems
« Reply #10 on: December 27, 2022, 05:59:07 pm »
I'm only interested in over the air (without authentication) or over the internet remote code execution or configuration/network access.

Most of this shit I personally would classify as low risk ... ohh someone who can MitM my internet and DNS can send me compromised firmware, scary. Yes, they should use PKI but it would probably be cheaper to just break into my house and physically reprogram the router than pull off that MitM attack.
« Last Edit: December 27, 2022, 06:01:56 pm by Marco »
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 5613
  • Country: au
Re: 9 WiFi routers and 226 security problems
« Reply #11 on: December 28, 2022, 04:03:34 am »
ALAS...

although the older ones are hopeless...

Presently I try to buy devices based on (really) smart hardware...

https://openwrt.org/supported_devices

bricky shitty firmware no more..  :-\

Paul

A really good alternative for those who aren't willing to go down the enterprise equipment route.
 

Offline madiresTopic starter

  • Super Contributor
  • ***
  • Posts: 7673
  • Country: de
  • A qualified hobbyist ;)
Re: 9 WiFi routers and 226 security problems
« Reply #12 on: December 28, 2022, 12:34:20 pm »
I'm only interested in over the air (without authentication) or over the internet remote code execution or configuration/network access.

Routers aren't just attacked from the outside. Meanwhile there's malware using devices in the local network, e.g. a PC or smartphone, to gain control of the router. The automatic stuff mostly aims at turning your router into a DDoS bot or changing nameservers (-> phishing).
 

Offline Marco

  • Super Contributor
  • ***
  • Posts: 6686
  • Country: nl
Re: 9 WiFi routers and 226 security problems
« Reply #13 on: December 28, 2022, 06:09:13 pm »
If they've rooted my PC or phone they likely know my login any way, all is lost.

As long as the NAT functions, the only easy remote attack is when some IoT device uses UPnP to set up a generic server with exploitable code or network stack. Some IoT device connecting to remote servers is again not a huge issue, because yeah in theory hackers could get MitM for possible exploits but DNS hijacking is a lot more difficult nowadays and I don't think I'm worth an ISP/backbone hack.

If you've got a lot of people browsing and installing malware on your network your priorities will be different, but for me it's not a big deal.
« Last Edit: December 28, 2022, 06:13:04 pm by Marco »
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf