Big Holes in Router Line

Tuesday, July 16, 2013 @ 02:07 PM gHale


Critical security vulnerabilities exist in ASUS routers that are remotely exploitable where an attacker could take complete control.

The weak point is the AiCloud media server, said security researcher Kyle Lovett. If the user activates AiCloud then attackers could access critical system files over the Internet, including files containing access credentials for the router in plain text format.

RELATED STORIES
Printers Launch DDoS Attacks
Port Scans Find Insecure Devices
Flaws in Universal Plug and Play
Firewall Passes Tough Testing

Attackers can use these credentials to access personal files stored on any devices connected to the router’s USB ports. Attackers may also be able to use AiCloud to access network shares on other computers on the router’s network.

The vulnerabilities, Lovett said, also allow write access to system files, enabling attackers to carry out actions such as setting up a VPN tunnel to the router network. Attackers can also access all network traffic passing through the router.

The following models suffer from the issue:
• RT-AC66R
• RT-AC66U
• RT-N66R
• RT-N66U
• RT-AC56U
• RT-N56R
• RT-N56U
• RT-N14U
• RT-N16
• RT-N16R

Researchers at heise Security were able to gain access to plain text access credentials on a model RT-N66U router running the latest firmware (version 3.0.0.4.370).

In June, Lovett released details of related vulnerabilities, and said he released additional information because he was not satisfied with ASUS’s response. ASUS has made no effort to warn affected router users, he said. At the time of the initial release Lovett said the basis behind the firmware came from a Linux kernel 2.6.22.19, which dates back to 2007, and other tools were also outdated.

In March, another researcher said an attacker could gain access to the root filesystem on the RT-N66U via the Samba server and that the UPnP server listens on the WAN interface, exposing it to potential attacks over the web.

Until ASUS provides secure firmware versions, users of affected devices should disable the AiCloud function via the menu option in its web interface. This ensures the vulnerable server is no longer accessible by navigating to the router’s IP address over HTTPS. Lovett also said users should disable UPnP services and any remote access options and to change the router password.

ASUS said updates are available from the company’s support page for the two router models RT-AC66U and RT-N66U.

The company said it will offer fixes for the other affected models soon. In the meantime, ASUS recommends turning off all AiCloud functions like Cloud Disk, Smart Access and Smart Sync.



Leave a Reply

You must be logged in to post a comment.