Home » Technology » Many WLAN routers are at risk of security vulnerability: users should switch off certain functions better

Many WLAN routers are at risk of security vulnerability: users should switch off certain functions better

The security researchers of the IoT Labs at the University of Applied Sciences Upper Austria have encountered a glaring vulnerability in the Nighthawk R7000 Netgear router; apparently many other models are also at risk. The problem: The router receives firmware updates in encrypted form, but the devices obviously do not check the respective server certificate. This basically allows attackers to install manipulated firmware updates on the router. In this way, cyber criminals can potentially gain control over users’ routers.-

If individual files or the update server itself is not currently available, the router may even use completely unencrypted protocols during installation to install the updates, which makes attackers even easier to carry out their attacks. In addition, digital signatures are not checked before the update process. This means that the routers also install manipulated updates without the device recognizing this. Both the automatic update process and the update via the wizard in the web interface are apparently affected by the vulnerability.

There has been no official solution on the part of the manufacturer so far: As the researchers at the University of Applied Sciences Upper Austria write, Netgear has not commented on the problem since the end of January, let alone rolled out a work-around via update.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.