Unauthorized Root Command for Router

Monday, January 12, 2015 @ 09:01 AM gHale


A service running on ASUS routers can end up abused for command execution by an attacker, giving access to the configuration of the device.

The catch is, code for taking advantage of the security flaw already exists and ASUS has yet to release an updated firmware containing the fix.


The issue was discovered a few months back while researcher Joshua Drake was working on an ASUS RT-N66U router model. He found that the service “infosvr” listens on UDP port 9999 on the LAN (local area network) and can be used by an unauthenticated attacker to execute commands.

The ASUS service allows the routers to facilitate configuration of the device when other routers are available in the network (repeaters, access points, media bridges).
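A defender-side check suggested by the details above, as an added example that is not from the article or from ASUS: it parses constructed flow-log lines (the log format is an assumption for this example) and reports every LAN host, other than an allowlist of known ASUS devices such as repeaters or access points, that sends UDP datagrams to port 9999.

```python
# Added example (not from the article): report LAN hosts that talk to the ASUS
# "infosvr" port (UDP 9999) without being a known ASUS device. The flow-log
# format and the sample lines below are constructed for this example.
import re
from collections import Counter

INFOSVR_PORT = 9999
FLOW_RE = re.compile(
    r"proto=(?P<proto>\w+)\s+src=(?P<src>[\d.]+):(?P<sport>\d+)\s+"
    r"dst=(?P<dst>[\d.]+):(?P<dport>\d+)"
)


def parse_flow(line):
    """Parse one constructed flow-log line; return None if it does not match."""
    m = FLOW_RE.search(line)
    if not m:
        return None
    return {"proto": m["proto"].lower(), "src": m["src"],
            "dst": m["dst"], "dport": int(m["dport"])}


def find_infosvr_talkers(lines, known_devices):
    """Return {src_ip: datagram_count} for every source not in `known_devices`
    that sent UDP traffic to port 9999. One datagram is enough to matter, so
    there is deliberately no minimum-count threshold."""
    counts = Counter()
    for line in lines:
        flow = parse_flow(line)
        if flow is None or flow["proto"] != "udp" or flow["dport"] != INFOSVR_PORT:
            continue
        if flow["src"] not in known_devices:
            counts[flow["src"]] += 1
    return dict(counts)


# Constructed sample log: .2 is an allowlisted repeater; .50 and .77 are not.
SAMPLE_LOG = """\
proto=UDP src=192.168.1.2:40001 dst=192.168.1.1:9999
proto=UDP src=192.168.1.50:5353 dst=192.168.1.1:9999
proto=UDP src=192.168.1.50:5354 dst=192.168.1.1:9999
proto=UDP src=192.168.1.50:5355 dst=192.168.1.1:9999
proto=TCP src=192.168.1.50:5356 dst=192.168.1.1:9999
proto=UDP src=192.168.1.77:1111 dst=192.168.1.1:9999
""".splitlines()
KNOWN_ASUS_DEVICES = {"192.168.1.2"}  # assumed: a repeater/AP that legitimately uses infosvr

if __name__ == "__main__":
    for src, n in find_infosvr_talkers(SAMPLE_LOG, KNOWN_ASUS_DEVICES).items():
        print(f"ALERT: {src} sent {n} UDP datagram(s) to infosvr port {INFOSVR_PORT}")
```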

Unauthorized access to the administration panel has serious implications for the users on the network: settings can be altered so that users are redirected to malicious websites that deliver malware, compromising their computers.
