Rice_King Posted July 22, 2009 Share Posted July 22, 2009 A hacker has discovered a critical vulnerability in open-source firmware available for wireless routers made my Linksys and other manufacturers that allows attackers to remotely penetrate the device and take full control of it. The remote root vulnerability affects the most recent version of DD-WRT... More Link to comment Share on other sites More sharing options...
stumonster Posted July 22, 2009 Share Posted July 22, 2009 just a note for tomato users - an anti-xss safeguard was instituted back in 1.14 so this issue is not a concern to tomato firmware users. Link to comment Share on other sites More sharing options...
dave_boo Posted July 22, 2009 Share Posted July 22, 2009 Ouch. Just one more reason to use F/OSS software. You can supress the pop-up message in MS IE, but AFAIK you can't in say Firefox or Opera. Running a no-script plugin works wonders also. There's a bit of an end-user stupidity to this also. Leaving your web-ui on and not changing the subnet mask to a different string will allow you to be more easily exploited. Also, did you see the turn around time on response to the issue? As a side note, if someone did take control of my router, they'd be really bored with all the pr0n flowing through it (or perhaps not)...... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now