A total of 226 potential security defects were identified in nine Wi-Fi routers from known manufacturers as part of a study performed by IoT Inspector security researchers and editors with the German IT magazine CHIP.
The TP-Link Archer AX6000 router was the most impacted, with a total of 32 security issues identified. Next in line was Synology RT-2600ac, with 30 bugs, followed by Netgear Nighthawk AX12 with 29 vulnerabilities, and D-Link DIR-X5460 with 26 flaws.
The published analysis also identified 25 security errors in Asus ROG Rapture GT-AX11000, 25 more in Edimax BR-6473AX, 21 in Linksys Velop MR9600, 20 in AVM FritzBox 7530 AX, and 18 in AVM FritzBox 7590 AX. Millions of users are likely affected, the researchers warn.
The vulnerabilities were identified using IoT Inspector’s security platform, which only flags errors such as the presence of outdated software, password hashes, or outdated services on a vulnerable router. False positives were also encountered.
[ READ: CISA Sets Deadline to Patch Zoho Qualcomm, Mikrotik Flaws ]
Not all of the identified weaknesses are considered real security flaws, and for some bugs it is unclear whether exploitation is even possible. However, many of the identified vulnerabilities (ranging from 2 in AVM devices to nearly a dozen in other routers) were classified as high- and medium-severity.
Some of the most important issues include the use of an outdated kernel in all of the analyzed firmware versions, the presence of vulnerable services, such as multimedia functions and VPNs, the use of insecure communication protocols and certificates, and the presence of passwords in plaintext.
All of the manufacturers were notified about the findings, with most already fixing some of the more important bugs and in the process of addressing the rest, according to an advisory from IoT Inspector.
“Following our test, the affected manufacturers have already patched a lot of security gaps in their devices. But Wi-Fi routers are still not flawless. Manufacturers still have some catching up to do,” CHIP author Jörg Geiger said.
Users are advised to change passwords, ensure devices have automatic updates, and disable unnecessary router functions.
“Changing passwords on first use and enabling the automatic update function must be standard practice on all IoT devices, whether the device is used at home or in a corporate network. The greatest danger, besides vulnerabilities introduced by manufacturers, is using an IoT device according to the motto ‘plug, play and forget’,” IoT Inspector’s CEO Jan Wendenburg said.
Related: InHand Router Flaws Could Expose Many Industrial Companies to Remote Attacks
Related: Critical, Exploitable Flaws in NETGEAR Router Firmware
More from Ionut Arghire
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- US, Israel Provide Guidance on Securing Remote Access Software
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
