Jump to content

Recommended Posts

Posted
TrueOnline is a Thai ISP that distributes customised versions of ZyXEL
and Billion routers - customised with vulnerabilities that is.
The routers contain several default administrative accounts and command
injections that can be abused by authenticated and unauthenticated
attackers. Details in the advisory below, which is a copy of
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt
Metasploit modules have been released, see below.

This vulnerability was disclosed through the Securiteam Secure
Disclosure program:
https://blogs.securiteam.com/index.php/archives/2910
http://www.beyondsecurity.com/ssd

 

If you can turn Remote Admin off then it's far less of a problem; if you can limit it to wired connections only, even better.

 

http://seclists.org/fulldisclosure/2017/Jan/40

Posted

And while I'm at it, if you have a Netgear, they have updated the firmware for many models in response to a password recovery bug:

 

Quote

 

Netgear speaks out on new vulnerabilities, firmware updates available for most devices

Matthew Wilson 2 days ago Highlights V, Security

 

 

Update (02/02/17): Following on from our initial report on the new security vulnerabilities found in Netgear routers, the company got in touch with us to provide a fresh statement on the matter and clear a few things up. Recently, two new vulnerabilities were made public by security researcher TrustWave, making some Netgear routers open to botnets amongst other things. However, it turns out that Netgear has been issuing fixes for these problems since June:

“NETGEAR is aware of the vulnerability (CVE-2017-5521), that has been recently publicized by TrustWave. This is not a new or recent development. We have been working with the security analysts to evaluate the vulnerability from the time they first contacted us. After being notified of the vulnerability in April, we released the first batch of fixes in June and prioritized the products based on the greatest number of customers or shipments.”

“Since that time we have continued to release fixes for the remaining products, most of which are older obsolete products with a smaller install base, although it is important to note that we notified users of workarounds for all affected products contemporaneously with the first batch of fixes in June, so no one would be vulnerable pending the remaining fixes. ”

Right now, there are firmware fixes available for the majority of affected Netgear devices, patching the password recovery vulnerability and more. You can find the list of firmware fixes by device at Netgear’s Knowledge Base page.

 

 

Posted

The router exploit lists are many pages long with most never getting a fix. There are thousands of exploitable modems online
in Asia. Its a DNS changers dream.

 

Don't use a router supplied by your ISP as most are low grade trash anyway.

Posted
39 minutes ago, maxpower said:

The router exploit lists are many pages long with most never getting a fix. There are thousands of exploitable modems online
in Asia. Its a DNS changers dream.

 

Don't use a router supplied by your ISP as most are low grade trash anyway.

You don't have a choice with fiber and DOCSIS/cable plans as they are married to the plan/system.   Now you might be able to set the ISP provided router to bridge mode to let your personal router control most things, but their router is still the first one in the chain.  

 

Now if you have an ADSL plan, yea, no to little problem in not using the ISP provided router...bring  your own.

Posted
1 hour ago, Pib said:

You don't have a choice with fiber and DOCSIS/cable plans as they are married to the plan/system.   Now you might be able to set the ISP provided router to bridge mode to let your personal router control most things, but their router is still the first one in the chain.  

 

Now if you have an ADSL plan, yea, no to little problem in not using the ISP provided router...bring  your own.

I don't have a ISP supplied router just a modem on fiber.  Its not in the ISP's best interests to allow custom setups but many will do if asked.

I believe a cable company in the Pattaya area will throw you on a 20Mb fiber connection through Inet with modem only for around 500B/M.

Posted

I just use the Fibre router as an edge router, everything turned off.

But the Netgear R8000 had the update, so at least Netgear are bothering to fix their stuff.

The Feds are actually suing DLink for being so careless.

Posted

Well, I do have the crappy True Fibre router.... but do NOT use its built in wi-fi - that's all turned off.

And, obviously have changed its Admin password.

 

Use an Asus wifi router and its built in VPN client - which works great and fixes the lousy True router DNS (unchangeable) and other garbage issues.

Posted

Ive had about 8 dodgy true routers over the past 15 months, Very annoying but to their credit if there is an issue and I call em in the morning the techs will be here after lunch.

Posted
I don't have a ISP supplied router just a modem on fiber.  Its not in the ISP's best interests to allow custom setups but many will do if asked.
I believe a cable company in the Pattaya area will throw you on a 20Mb fiber connection through Inet with modem only for around 500B/M.


When I said ISP router I meant whether its a router with Wifi or modem only. Surprised any ISP provides a modem only now days.
Posted
12 hours ago, coops said:

Well, I do have the crappy True Fibre router.... but do NOT use its built in wi-fi - that's all turned off.

And, obviously have changed its Admin password.

 

Use an Asus wifi router and its built in VPN client - which works great and fixes the lousy True router DNS (unchangeable) and other garbage issues.

just subscribed a true fiber pkg a couple of days back, given huawei onu (fiber router with wifi) and the built-in wifi is extremely annoying with constant drop-offs.  called in 3 days in a row, explaining 3 times, got sms confirmation that technician will come today and didn't come, but technician did call in and ask what is the problem (again), and promised again to come in tomorrow to change router....  see how it goes tomorrow

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...