User User name Password  
   
Saturday 2.8.2025 / 10:28
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - p2p software > home routers vulnerable to remote attack
Show topics
 
Forums
Forums
Home Routers Vulnerable to Remote Attack
  Jump to:
 
Posted Message
Senior Member
_
20. January 2008 @ 07:16 _ Link to this message    Send private message to this user   
The Register has a story on a design flaw in most home routers that allows attackers to remotely control the devices
and re-direct the user to fraudulent sites or turn the router into a zombie machine.

This flaw, discovered by Petko D. Petkov, is discussed in detail at his blog at GnuCitizen and there is also a FAQ.

The exploit works even if a user has changed the default password of the router.
And it works regardless the operating system or browser the computer connected to the device is running,
as long as it has a recent version of Adobe Flash installed.

The problem resides in Universal Plug and Play (UPnP) not using any authentication.
By exposing an end user to a malicious Flash file lurking on a website, attackers can use UPnP, to make significant modifications to the router.

Routers made by Linksys, Dlink and SpeedTouch have been confirmed to be vulnerable,
and other manufacturers' products are also likely susceptible to attack.

The only way to prevent an attack is to turn UPnP off.
afterdawn.com > forums > software, operating systems and more > windows - p2p software > home routers vulnerable to remote attack
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork