Router errors Bugs Hacks and vulnerabilities

Windows 10 security Windows 8.1 Microsoft Dash account More…Less than

Security

windows 10

Windows 8.1

Microsoft account control panel

More…
Less

 Router Security
Router errors Bugs Daemon Hacks and vulnerabilities

Michael Horowitz Website

2022

Cisco Networking Inferno: Giant Reveals Third Serious Router Bug Scored 10/10
Simon Sharwood of The Register, February 4, 2022
Cisco really reminds you of the Wizard of Oz. It looks very powerful and in the yard, but in the trash can there is a fire associated with some obviously buggy software. Buggy cars this time are RV260, RV160, RV340 and RV345 products. Cisco mentioned that there are 15 bugs, unfortunately some of them are brutal – as serious as it gets. Some bugs have been fixed, but not All.

  • Critical Cisco bugs open VPN routers to Tara Seals cyberattacks for ThreatPost. February 3, 2022
  • Vulnerabilities in Cisco Small Business RV Series Routers Fixed as of Cisco 4.2022
  • February

    Well, another bug in NetUSB is hurting routers

    Millions of wireless Wi-Fi routers are vulnerable to being hacked into what you need
    do

    Paul Wagensale of Toms Guide, January 11, 2022
    Consumer modems are buggy enough without overloading them to share different cell phones connected to their USB ports. In May 2015, the NetUSB software that best enables this sharing was found to be buggy. NetUSB is used in many routers. Which the? None of you are on a business trip. In 2015, 28 router vendors were expected to use NetUSB. Sometimes NetUSB can open the Internet through a disconnected router, sometimes not. This bug was related to a buffer overflow, and luckily it was hard to exploit. Opens netusb vent 20005 on the sideone local network connected to the router. What most might worry about is that, unfortunately, some routers are doubly faulty and also open port 20005 on the WAN/Internet side. If so, the hub may be sending commands directly that NetUSB does not authenticate.
    The writer of the NetUSB Waskcodes article reported a buffer overflow on September 9, 2021, and a fix was written on October 4. Netgear wireless routers, D7800 and r6400v2 R6700v3, have been patched on December 20, 2021. Other vendors supporting NetUSB, Edimax, Tenda, d-link, TP-Link and Western Digital have done nothing. D-Link enters the market. A good reason to abandon TP-Link.

  • Home routers that support NetUSB may have a mandatory kernel vulnerability. Paul Ducklin for Naked Security January 11, 2022
  • |

  • cve-2021-45608 NetUSB RCE shortfall in millions of end user routers, by Max Van Amerongen of Sentinel Labs, January 11, 2022
  • You can check if slot 20005 is open on your router at www.grc.com/x/portprobe=20005.
  • Clean equipment

    2021

    Nighthawk RAX43 Multiple Vulnerabilities
    Evan Grant, Jimi Sebri, Tenable, Dec 30 2021
    The errors in it are firmware version 1.0.3.96, which was considered the latest as of December 35, 2021. This article is 30 years old and Netgear claims it ends with a new firmware released on 29. Since this is the next group of bugs with the R6700, some of them were fixed in the 90s as well. What bugs has Netgear fixed? It doesn’t concern you. This is not what people expect from a router manufacturer. Like the R6700, this router uses HTTP as its default web interface, stores passwords in plain text, contains buggy old jQuery libraries, mixes vulnerable versions of all minidlna services, and has inadequate UART barrier mechanisms. But that’s not all. Configuration backups are encrypted with each hardcoded password (RAX50w!a4udk). And the two mistakes can easily be combined. Firstly, this is a large overflow, and secondly, injection strokes. Together, someone can run controller tasks as root without authentication. Like the report below, my report does not specify which vulnerabilities could be misused by the WAN and under what circumstances.

  • RecommendedSecurity Advisory for Multiple Vulnerabilities in Specific Routers, Netgear PSV-2021-0279. New performance firmware 1.0.5.106 is available for the main RAX43. No details at all. December 29, 2021
  • Netgear Leaves Nighthawk Router Unpatched
    By Bill Tulas of Computer Bleeping, December 31, 2021
    Tenable has identified six high-severity vulnerabilities in the latest version of Different firmware (1.0.4.120) for the Netgear Nighthawk R6700v3 hub. They notified Netgear of the bugs on September 30, 2021, and as of December 30, there has been no word from Netgear of a possible vehicle repair. So they released the details. This is not what you would expect from your router provider. The bugs provided could give an attacker on the LAN side full control over the switch. The danger from the WAN is unclear. A known issue is that the insecure HTTP protocol is used by default for text messages to/from the device’s web interface. In addition, passwords are stored in plaintext. In addition to five or six bugs, Tenable is alsoThere have been cases, including a common problem with modems – the firmware contains old software with known bugs. In particular, they found various instances of jQuery libraries based on version 1.4. And 2, they found a really buggy old version of the MiniDLNA server software. To go back in time, hardware versions 1 and 2 of this router are too old to fix (end of life is our official slogan), so Tenable only investigated hardware version 3. Interestingly, Netgear has published new firmware for these amazing routers as well. , just like Tenable was releasing bugs. What did Netgear get rid of? It doesn’t concern you. Not the solutions you expect from your router owner.

  • Security advisory for multiple vulnerabilities in some routers, PSV-2021-0279 by Netgear. A new firmware version 1.0.4.122 is available. No details about the only one. December 29, 2021