SOHO Router Security Gets Another Black Eye: 22 Models Have Security Flaws

Security researchers in Spain published results of an audit of Small Office Home Office routers on the Full Disclosure security mailing list this week.  SOHO routers are considered the relatively inexpensive internet router found at your local big box store or included when you subscribe for new internet service.

The researchers found that 22 models are by one or several vulnerabilities that would allow a hostile actor to compromise the device, inject hostile code, or remotely disable the device.  The list of the vulnerable models are:

1. Observa Telecom AW4062
2. Comtrend WAP-5813n
3. Comtrend CT-5365
4. D-Link DSL-2750B
5. Belkin F5D7632-4
6. Sagem LiveBox Pro 2 SP
7. Amper Xavi 7968 and 7968+
8. Sagem Fast 1201
9. Linksys WRT54GL
10. Observa Telecom RTA01N
11. Observa Telecom Home Station BHS-RTA
12. Observa Telecom VH4032N
13. Huawei HG553
14. Huawei HG556a
15. Astoria ARV7510
16. Amper ASL-26555
17. Comtrend AR-5387un
18. Netgear CG3100D
19. Comtrend VG-8050
20. Zyxel P 660HW-B1A
21. Comtrend 536+
22. D-Link DIR-600

The researchers already have contacted the any affected manufacturer and attempted to get vulnerability notices sent out though MITRE and other CNAs.  If you have one of these routers check the manufacturer’s web site to make sure your firmware is up to date.

 

Link to the Full Disclosure mail list for more information:  http://seclists.org/fulldisclosure/2015/May/129

Post by Remote Process