Skip to main content

A ton of Ruckus Wireless routers are vulnerable to hackers

A security researcher has found several vulnerabilities in a number of Ruckus Wireless routers, which the networking giant has since patched.

Gal Zror told TechCrunch that the vulnerabilities he found lie inside in the web user interface software that runs on the company’s Unleashed line of routers.

The flaws can be exploited without needing a router’s password, and can be used to take complete control of affected routers from over the internet.

Routers act as a gateway between a home or office network and the wider internet. Routers are also a major line of defense against unauthorized access to that network. But routers can be a single point of failure. If attackers find and take advantage of vulnerabilities in the router’s software, they can control the device and gain access to the wider internal network, exposing computers and other devices to hacks and data theft.

Zror said his three vulnerabilities can be used to to gain “root” privileges on the router — the highest level of access — allowing the attacker unfettered access to the device and the network.

Although the three vulnerabilities vary by difficulty to exploit, the easiest of the vulnerabilities uses just a single line of code, Zror said.

With complete control of a router, an attacker can see all of the network’s unencrypted internet traffic. An attacker can also silently re-route traffic from users on the network to malicious pages that are designed to steal usernames and passwords.

Zror said that because many of the router are accessible from the internet, they make “very good candidates for botnets” That’s when an attacker forcibly enlists a vulnerable router — or any other internet-connected device — into its own distributed network, controlled by a malicious actor, which can be collectively told to pummel websites and other networks with massive amounts of junk traffic, knocking them offline.

There are “thousands” of vulnerable Ruckus routers on the internet, said Zror. He revealed his findings at the annual Chaos Communication Congress conference in Germany.

Ruckus told TechCrunch it fixed the vulnerabilities in the 200.7.10.202.92 software update, but said that customers have to update their vulnerable devices themselves.

“By design our devices do not fetch and install software automatically to ensure our customers can manage their networks appropriately,” said Ruckus spokesperson Aharon Etengoff. “We are strongly advising our customers and partners to deploy the latest firmware releases as soon as possible to mitigate these vulnerabilities,” he said.

Ruckus confirmed its SmartZone-enabled devices and Ruckus Cloud access points are not vulnerable.

“It’s very important for the customers to know that if they’re running an old version [of the software], they might be super vulnerable to this very simple attack,” said Zror.



from TechCrunch https://ift.tt/369ByD6

Comments

Popular posts from this blog

How To Play Doom – And More – On An NES

Doom was a breakthrough game for its time, and became so popular that now it’s essentially the “Banana For Scale” of hardware hacking. Doom has been ported to countless devices, most of which have enough processing ability to run the game natively. Recently, this lineup of Doom-compatible devices expanded to include the NES even though the system definitely doesn’t have enough capability to run it without special help. And if you want your own Doom NES cartridge, this video will show you how to build it . We featured the original build from [TheRasteri] a while back which goes into details about how it’s possible to run such a resource-intensive game on a comparatively weak system. You just have to enter the cheat code “RASPI”. After all the heavy lifting is done, it’s time to put it into a realistic-looking cartridge. To get everything to fit in the donor cartridge, first the ICs in the cartridge were removed (except the lockout IC) and replaced with custom ROM chips. Some modifica...

The Flexible Permanence of Copper Tape Circuits

Somewhere between shoving components into a breadboard temporarily and committing them to a piece of protoboard or a PCB lies the copper tape method. This flexible Manhattan-style method of circuitry formed the basis for [Bunnie Huang]’s Chibitronics startup, and has since inspired many to stop etching boards and start fetching hoards of copper tape. [Hales] hit the ground running when he learned about this method , and has made many a copper tape circuit in the last year or so. He offers several nice tips on his site that speak from experience with this method, and he’ll even show you how to easily work an SMD breakout board into the mix. Generally speaking, [Hales] prefers plywood as the substrate to paper or cardboard for durability. He starts by drawing out the circuit and planning where all the tape traces will go and how wide they need to be. Then he lays out copper traces and pads, rubs the tape against the substrate to make it adhere strongly, and reinforces joints and laps w...

The Newbie’s Guide To JTAG

Do you even snarf? If not, it might be because you haven’t mastered the basics of JTAG and learned how to dump, or snarf, the firmware of an embedded device. This JTAG primer will get you up to snuff on snarfing, and help you build your reverse engineering skills. Whatever your motivation for diving into reverse engineering devices with microcontrollers, JTAG skills are a must, and [Sergio Prado]’s guide will get you going. He starts with a description and brief history of the Joint Test Action Group interface, from its humble beginnings as a PCB testing standard to the de facto standard for testing, debugging, and flashing firmware onto devices. He covers how to locate the JTAG pads – even when they’ve been purposely obfuscated – including the use of brute-force tools like the JTAGulator . Once you’ve got a connection, his tutorial helps you find the firmware in flash memory and snarf it up to a file for inspection, modification, or whatever else you have planned. We always apprec...