Chicog Posted February 4, 2017 Share Posted February 4, 2017 TrueOnline is a Thai ISP that distributes customised versions of ZyXEL and Billion routers - customised with vulnerabilities that is. The routers contain several default administrative accounts and command injections that can be abused by authenticated and unauthenticated attackers. Details in the advisory below, which is a copy of https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt Metasploit modules have been released, see below. This vulnerability was disclosed through the Securiteam Secure Disclosure program: https://blogs.securiteam.com/index.php/archives/2910 http://www.beyondsecurity.com/ssd If you can turn Remote Admin off then it's far less of a problem; if you can limit it to wired connections only, even better. http://seclists.org/fulldisclosure/2017/Jan/40 Link to comment Share on other sites More sharing options...
Chicog Posted February 4, 2017 Author Share Posted February 4, 2017 And while I'm at it, if you have a Netgear, they have updated the firmware for many models in response to a password recovery bug: Quote Netgear speaks out on new vulnerabilities, firmware updates available for most devices Matthew Wilson 2 days ago Highlights V, Security Update (02/02/17): Following on from our initial report on the new security vulnerabilities found in Netgear routers, the company got in touch with us to provide a fresh statement on the matter and clear a few things up. Recently, two new vulnerabilities were made public by security researcher TrustWave, making some Netgear routers open to botnets amongst other things. However, it turns out that Netgear has been issuing fixes for these problems since June: “NETGEAR is aware of the vulnerability (CVE-2017-5521), that has been recently publicized by TrustWave. This is not a new or recent development. We have been working with the security analysts to evaluate the vulnerability from the time they first contacted us. After being notified of the vulnerability in April, we released the first batch of fixes in June and prioritized the products based on the greatest number of customers or shipments.” “Since that time we have continued to release fixes for the remaining products, most of which are older obsolete products with a smaller install base, although it is important to note that we notified users of workarounds for all affected products contemporaneously with the first batch of fixes in June, so no one would be vulnerable pending the remaining fixes. ” Right now, there are firmware fixes available for the majority of affected Netgear devices, patching the password recovery vulnerability and more. You can find the list of firmware fixes by device at Netgear’s Knowledge Base page. Link to comment Share on other sites More sharing options...
lungbing Posted February 4, 2017 Share Posted February 4, 2017 No, but I've a duff 3BB one that forgets its wifi password every week or so then I have to reset it. Link to comment Share on other sites More sharing options...
maxpower Posted February 4, 2017 Share Posted February 4, 2017 The router exploit lists are many pages long with most never getting a fix. There are thousands of exploitable modems online in Asia. Its a DNS changers dream. Don't use a router supplied by your ISP as most are low grade trash anyway. Link to comment Share on other sites More sharing options...
Pib Posted February 4, 2017 Share Posted February 4, 2017 39 minutes ago, maxpower said: The router exploit lists are many pages long with most never getting a fix. There are thousands of exploitable modems online in Asia. Its a DNS changers dream. Don't use a router supplied by your ISP as most are low grade trash anyway. You don't have a choice with fiber and DOCSIS/cable plans as they are married to the plan/system. Now you might be able to set the ISP provided router to bridge mode to let your personal router control most things, but their router is still the first one in the chain. Now if you have an ADSL plan, yea, no to little problem in not using the ISP provided router...bring your own. Link to comment Share on other sites More sharing options...
maxpower Posted February 4, 2017 Share Posted February 4, 2017 1 hour ago, Pib said: You don't have a choice with fiber and DOCSIS/cable plans as they are married to the plan/system. Now you might be able to set the ISP provided router to bridge mode to let your personal router control most things, but their router is still the first one in the chain. Now if you have an ADSL plan, yea, no to little problem in not using the ISP provided router...bring your own. I don't have a ISP supplied router just a modem on fiber. Its not in the ISP's best interests to allow custom setups but many will do if asked. I believe a cable company in the Pattaya area will throw you on a 20Mb fiber connection through Inet with modem only for around 500B/M. Link to comment Share on other sites More sharing options...
Chicog Posted February 4, 2017 Author Share Posted February 4, 2017 I just use the Fibre router as an edge router, everything turned off. But the Netgear R8000 had the update, so at least Netgear are bothering to fix their stuff. The Feds are actually suing DLink for being so careless. Link to comment Share on other sites More sharing options...
coops Posted February 4, 2017 Share Posted February 4, 2017 Well, I do have the crappy True Fibre router.... but do NOT use its built in wi-fi - that's all turned off. And, obviously have changed its Admin password. Use an Asus wifi router and its built in VPN client - which works great and fixes the lousy True router DNS (unchangeable) and other garbage issues. Link to comment Share on other sites More sharing options...
Don Mega Posted February 4, 2017 Share Posted February 4, 2017 Ive had about 8 dodgy true routers over the past 15 months, Very annoying but to their credit if there is an issue and I call em in the morning the techs will be here after lunch. Link to comment Share on other sites More sharing options...
Pib Posted February 5, 2017 Share Posted February 5, 2017 I don't have a ISP supplied router just a modem on fiber. Its not in the ISP's best interests to allow custom setups but many will do if asked. I believe a cable company in the Pattaya area will throw you on a 20Mb fiber connection through Inet with modem only for around 500B/M.When I said ISP router I meant whether its a router with Wifi or modem only. Surprised any ISP provides a modem only now days. Link to comment Share on other sites More sharing options...
linguini Posted February 5, 2017 Share Posted February 5, 2017 12 hours ago, coops said: Well, I do have the crappy True Fibre router.... but do NOT use its built in wi-fi - that's all turned off. And, obviously have changed its Admin password. Use an Asus wifi router and its built in VPN client - which works great and fixes the lousy True router DNS (unchangeable) and other garbage issues. just subscribed a true fiber pkg a couple of days back, given huawei onu (fiber router with wifi) and the built-in wifi is extremely annoying with constant drop-offs. called in 3 days in a row, explaining 3 times, got sms confirmation that technician will come today and didn't come, but technician did call in and ask what is the problem (again), and promised again to come in tomorrow to change router.... see how it goes tomorrow Link to comment Share on other sites More sharing options...
.png.3b3332cc2256ad0edbc2fe9404feeef0.png)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now