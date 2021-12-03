To check if they were safe, the company checked for the presence of more than 5,000 known CVE vulnerabilities , and other security flaws. In that test, they discovered that the routers had, in most cases, more than twenty vulnerabilities. And the worst thing is that those vulnerabilities were known, so they should already be patched.

Among the brands that provided the routers are Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology and Linksys . From ASUS, for example, we find the ROG Rapture GT-AX11000 , the fastest WiFi 6 router on the market. Most models have WiFi connectivity 6 , and with prices that in most cases exceed 200 euros. Therefore, they should be secure routers.

This is how researchers from the IoT Inspector , in collaboration with the CHIP magazine , who have analyzed router models that are among the most popular on the market among small businesses and home users. For testing, the manufacturers provided the routers, and the researchers updated them to the latest available firmware version before conducting each test.

These vulnerabilities weren’t all high-risk. The most common they encountered were the use of old versions of the Linux kernel, old versions of VPN and multimedia functions, use of outdated versions of the Linux kernel.e BusyBox, weak default passwords such as “admin”, or presence of credentials internally stored in plain text. In the worst case, a router had up to 11 high-risk vulnerabilities, the TP-Link Archer AX6000. The more secure were those of FritzBox.

Researchers recommend that, as soon as we install a router, the first thing we have to do is change default password. It is very dangerous to set up a device and then forget to update it or check its security.

The researchers did not detail the type of vulnerabilities they found in each model to prevent targeted attacks from being made. However, in one of them they did: in the D-Link DIR-X1560, where they managed to extract the router key from a firmware image. To do this, they obtained local privileges, obtained shell access, dumped the router image, and located the binary in charge of the decryption routine. With this, they obtained the AES key used to encrypt the firmware.

With that key, an attacker can send modified firmware updates that pass all verification mechanisms, but instead incorporate malware. This would be solved by encrypting the storage unit, but not everyone does.

All manufacturers have released firmware updates for routers to fix vulnerabilities discovered. Not all are patched, since the milder ones have not been fixed. However, it is recommended that you update your router immediately.