Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

Researchers Find 226 Vulnerabilities in Nine Wi-Fi Routers

A total of 226 potential security defects were identified in nine Wi-Fi routers from known manufacturers as part of a study performed by IoT Inspector security researchers and editors with the German IT magazine CHIP.

A total of 226 potential security defects were identified in nine Wi-Fi routers from known manufacturers as part of a study performed by IoT Inspector security researchers and editors with the German IT magazine CHIP.

The TP-Link Archer AX6000 router was the most impacted, with a total of 32 security issues identified. Next in line was Synology RT-2600ac, with 30 bugs, followed by Netgear Nighthawk AX12 with 29 vulnerabilities, and D-Link DIR-X5460 with 26 flaws.

The published analysis also identified 25 security errors in Asus ROG Rapture GT-AX11000, 25 more in Edimax BR-6473AX, 21 in Linksys Velop MR9600, 20 in AVM FritzBox 7530 AX, and 18 in AVM FritzBox 7590 AX. Millions of users are likely affected, the researchers warn.

The vulnerabilities were identified using IoT Inspector’s security platform, which only flags errors such as the presence of outdated software, password hashes, or outdated services on a vulnerable router. False positives were also encountered.

[ READ: CISA Sets Deadline to Patch Zoho Qualcomm, Mikrotik Flaws ]

Not all of the identified weaknesses are considered real security flaws, and for some bugs it is unclear whether exploitation is even possible. However, many of the identified vulnerabilities (ranging from 2 in AVM devices to nearly a dozen in other routers) were classified as high- and medium-severity.

Some of the most important issues include the use of an outdated kernel in all of the analyzed firmware versions, the presence of vulnerable services, such as multimedia functions and VPNs, the use of insecure communication protocols and certificates, and the presence of passwords in plaintext.

All of the manufacturers were notified about the findings, with most already fixing some of the more important bugs and in the process of addressing the rest, according to an advisory from IoT Inspector.

Advertisement. Scroll to continue reading.

“Following our test, the affected manufacturers have already patched a lot of security gaps in their devices. But Wi-Fi routers are still not flawless. Manufacturers still have some catching up to do,” CHIP author Jörg Geiger said.

Users are advised to change passwords, ensure devices have automatic updates, and disable unnecessary router functions.

“Changing passwords on first use and enabling the automatic update function must be standard practice on all IoT devices, whether the device is used at home or in a corporate network. The greatest danger, besides vulnerabilities introduced by manufacturers, is using an IoT device according to the motto ‘plug, play and forget’,” IoT Inspector’s CEO Jan Wendenburg said.

Related: InHand Router Flaws Could Expose Many Industrial Companies to Remote Attacks

Related: Critical, Exploitable Flaws in NETGEAR Router Firmware

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.