Tuesday, 24 February 2015

Research: Thousands Of Netgear Routers Accessible via FTP


Thousands manufacturer Netgear routers with attached storage accessible to anyone via FTP. The problem is independent of a vulnerability that was recently revealed in Netgear routers. In this case it is the WNDR4700 router that is also sold in the Netherlands. On devices running an old version of the ProFTPd FTP server. Not only is it possible to log in as "anonymous". The version in question contains a leak which allows an attacker to execute arbitrary code on the router.

A user of Reddit reports how he found more than 2,000 open routers via the Shodan search engine. Only specify the IP address was enough to log in using the FileZilla FTP program and to gain full read and write permissions. The connected storage media medical information, tax information, private photos, found academic research and business information.

Also, the user could own words 10 to 15 download movies. He hopes that Netgear quickly comes with an update to turn down the FTP access to anonymous users. The problem is reminiscent of earlier incidents where FTP servers unsecured bleaching and so could gain access to sensitive data.
Other vulnerability

A few days ago revealed security researcher Peter Adkins in different Netgear routers another vulnerability which allows an attacker to retrieve information from the device. For this, remote management must be enabled. If this is the case, then an attacker can view and modify certain settings, including the login information for the Wi-Fi network and connected devices.

Adkins had the problem on 18 January reported to Netgear, but the company said that the routers on a security feature that enable users are not at risk. Then the case was closed by Netgear and the researcher decided to make its findings public.Users of NetGear WNDR3700v4, WNR2200 WNR2500 and are advised to disable remote management. The problem probably plays into the WNDR3800, WNDRMAC, WPN824N and WNDR4700.

No comments:

Post a Comment