A total of 226 potential security defects were identified in nine Wi-Fi routers from known manufacturers as part of a study performed by IoT Inspector security researchers and editors with the German IT magazine CHIP.
The TP-Link Archer AX6000 router was the most impacted, with a total of 32 security issues identified. Next in line was Synology RT-2600ac, with 30 bugs, followed by Netgear Nighthawk AX12 with 29 vulnerabilities, and D-Link DIR-X5460 with 26 flaws.
The published analysis also identified 25 security errors in Asus ROG Rapture GT-AX11000, 25 more in Edimax BR-6473AX, 21 in Linksys Velop MR9600, 20 in AVM FritzBox 7530 AX, and 18 in AVM FritzBox 7590 AX. Millions of users are likely affected, the researchers warn.
The vulnerabilities were identified using IoT Inspector’s security platform, which only flags errors such as the presence of outdated software, password hashes, or outdated services on a vulnerable router. False positives were also encountered.
[ READ: CISA Sets Deadline to Patch Zoho Qualcomm, Mikrotik Flaws ]
Not all of the identified weaknesses are considered real security flaws, and for some bugs it is unclear whether exploitation is even possible. However, many of the identified vulnerabilities (ranging from 2 in AVM devices to nearly a dozen in other routers) were classified as high- and medium-severity.
Some of the most important issues include the use of an outdated kernel in all of the analyzed firmware versions, the presence of vulnerable services, such as multimedia functions and VPNs, the use of insecure communication protocols and certificates, and the presence of passwords in plaintext.
All of the manufacturers were notified about the findings, with most already fixing some of the more important bugs and in the process of addressing the rest, according to an advisory from IoT Inspector.
“Following our test, the affected manufacturers have already patched a lot of security gaps in their devices. But Wi-Fi routers are still not flawless. Manufacturers still have some catching up to do,” CHIP author Jörg Geiger said.
Users are advised to change passwords, ensure devices have automatic updates, and disable unnecessary router functions.
“Changing passwords on first use and enabling the automatic update function must be standard practice on all IoT devices, whether the device is used at home or in a corporate network. The greatest danger, besides vulnerabilities introduced by manufacturers, is using an IoT device according to the motto ‘plug, play and forget’,” IoT Inspector’s CEO Jan Wendenburg said.
Related: InHand Router Flaws Could Expose Many Industrial Companies to Remote Attacks
Related: Critical, Exploitable Flaws in NETGEAR Router Firmware
More from Ionut Arghire
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- Apria Healthcare Notifying 2 Million People of Years-Old Data Breaches
- European Cybersecurity Firm Sekoia.io Raises $37.5 Million
- GitLab Security Update Patches Critical Vulnerability
- Android App With 50,000 Downloads in Google Play Turned Into Spyware via Update
Latest News
- Industrial Giant ABB Confirms Ransomware Attack, Data Theft
- Organizations Worldwide Targeted in Rapidly Evolving Buhti Ransomware Operation
- Google Cloud Users Can Now Automate TLS Certificate Lifecycle
- Zyxel Firewalls Hacked by Mirai Botnet
- Watch Now: Threat Detection and Incident Response Virtual Summit
- NCC Group Releases Open Source Tools for Developers, Pentesters
- Memcyco Raises $10 Million in Seed Funding to Prevent Website Impersonation
- New Russia-Linked CosmicEnergy ICS Malware Could Disrupt Electric Grids
