Random Thread - Anything Goes
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@thecreativeone91 -- As I understand it, in order for the attacker to be able to execute this, they actually have to be connected to your wireless device or you have to have the web interface available to the interwebz. Am I right in this thinking?
-
@dafyre said:
@thecreativeone91 -- As I understand it, in order for the attacker to be able to execute this, they actually have to be connected to your wireless device or you have to have the web interface available to the interwebz. Am I right in this thinking?
Nope, the vulnerability is in the chipset itself. If you can get traffic too the unit even without being authenticated on wireless or even to the device at all, you can do remote script execution. Not the first time this has happened either. Even worse is some of these devices will have upnp enabled even on the WAN.
-
@thecreativeone91 said:
@dafyre said:
@thecreativeone91 -- As I understand it, in order for the attacker to be able to execute this, they actually have to be connected to your wireless device or you have to have the web interface available to the interwebz. Am I right in this thinking?
Nope, the vulnerability is in the chipset itself. If you can get traffic too the unit even without being authenticated on wireless or even to the device at all, you can do remote script execution. Not the first time this has happened either. Even worse is some of these devices will have upnp enabled even on the WAN.
So any traffic? Even a specially crafted packet sent to my router on port 80 from the WAN could trigger this vulnerability -- even if I have remote management turned off?
Hmm.... Time to go see if my router is on that list.
-
@dafyre said:
@thecreativeone91 said:
@dafyre said:
@thecreativeone91 -- As I understand it, in order for the attacker to be able to execute this, they actually have to be connected to your wireless device or you have to have the web interface available to the interwebz. Am I right in this thinking?
Nope, the vulnerability is in the chipset itself. If you can get traffic too the unit even without being authenticated on wireless or even to the device at all, you can do remote script execution. Not the first time this has happened either. Even worse is some of these devices will have upnp enabled even on the WAN.
So any traffic? Even a specially crafted packet sent to my router on port 80 from the WAN could trigger this vulnerability -- even if I have remote management turned off?
Hmm.... Time to go see if my router is on that list.
Well the firewall should stop it, but it may not. I wouldn't count on a poorly made peice of junks firewall to stop all packets. But some ports tend to be open by defualt on the wan with these units. UPNP has been open to the WAN many times on these before.
-
You can quit trying to hack my home connection... It's not Realtek. 8-)