A Critical Vulnerability in Inteno Routers

Security researchers are warning users regarding new critical vulnerabilities in Inteno routers, which could allow remote attackers to replace the firmware on a device to take complete control over it and monitor the internet traffic.

According to F-Secure, the issue affects the Inteno EG500, FG101, DG201 routers. However, more models could be affected, but it couldn’t be sure due to the vendor’s unwillingness to cooperate.

F-Measure claimed the issue in January but, when the vendor replied two months later it argued that software issues are dealt with the operators that sell the equipment to the end users.

The vulnerability itself is associated with the fact that several router models don’t validate the Auto Configuration Server (ACS) certificates. This means that it will allow an attacker to launch Man in the Middle (MITM) attack between ACS and the device and gain full administrative access to the router, allowing them to refresh the firmware.

The implications of such a flaw are potentially serious, according to F-Secure cyber security expert, Janne Kauhanen. He warned:

“By changing the firmware, the attacker can change any and all rules of the router. Watching video content you’re storing on another computer? So is the attacker. Updating another device through the router? Hopefully it’s not vulnerable like this, or they’ll own that too”.

Although, HTTPS traffic is encrypted and won’t be beneficial if hacked by the attacker, but they can still redirect all your traffic to malicious sites that enable them to drop malware on your machine.

However, if HTTPS is not implemented and the attacker is able to launch Man in the Middle attack, then there is no way left to prevent a successful exploitation. Janne Kauhanen told Infosecurity:

“Gaining a MitM position is not trivial, but it’s not outside the realm of possibilities either, whether physically attacking a whole building by breaking into the distribution trunk in the building or using software tricks to route network traffic through a malicious site”.

F-Secure recommended users to keep browsers and other software updated to prevent hackers exploiting any flaws. The use of effective and well known antivirus software is suggested to prevent any malware downloads and to use a VPN to encrypt internet traffic and prevent hackers gaining that initial foothold into the network.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Top 10 things to Do After Installing Kali Linux

Kali Linux is considered to be one of the best hacking distribution of this era, it is developed by Offensive Security to give an...

Become a spy in your own right with Xnspy Android spying app

Having become widely popular among parents and employers, spying apps have become quite the norm nowadays. Android spying apps have made it a lot...

e-Services Portals Potentially Expose Government Infrastructure to File-based Attacks

More and more users are embracing technology to perform their day-to-day activities. It’s not only private businesses that are forced to establish digital channels...

What is Nmap? How to use Nmap for Information Gathering

Nmap stands for Network Mapper, a powerful network scanning and host detection tool that is being used to perform reconnaissance in a very first...