If so, the router can be sent commands directly, NetUSB does not do authentication. Perhaps most worrying is that some routers are double buggy and open port 20005 on the WAN/Internet side also. NetUSB opens port 20005 on the LAN side of the router. This bug is a buffer overflow and, fortunately, is hard to exploit. Sometimes NetUSB can be disabled via the router web interface, sometimes not. Back in 2015, there were 26 router vendors thought to be using NetUSB.
#Bleeping computer usb format tool software
Software that enables this sharing, NetUSB, was found to be buggy back in May 2015. Millions of Wi-Fi routers vulnerable to hacker attack - what you need toīy Paul Wagenseil of Toms Guide January 11, 2022Ĭonsumer routers are buggy enough without also expecting them to share assorted devices plugged into their USB ports. Here we go again, another bug in NetUSB affects many routers All the bugs are now displayed belowĢ016 bugs 2015 bugs 2014 bugs 2013 bugs 2012 bugs 2011 bugs 2010 bugs 20 To see all the bugs on one B_I_G web page (makes it easy to find all the issues for any one manufacturer) click this button =>ĭONE. Older bugs, from 2016 through 2012, are available at the bottom of this page. A lawsuit alleged that D-Link "failed to take reasonable steps to protect their routers and IP cameras from widely known and reasonably foreseeable risks of unauthorized access." D-Link was also accused of misleading the public about the security of their devices. THE US GOVERNMENT IS MAD AS HELL: In January 2017, the FTC accused D-Link of leaving its routers and webcam devices vulnerable to hackers. Other huge flaws involved UPnP being exposed to the Internet and file sharing on a USB port.
Then, of course, there is WPS, the electronic equivalent of a "hack me" sign on your back. Another flaw not to be missed is the Misfortune Cookie from December 2014. A router backdoor was exposed, then instead of being removed, was just better hidden. The port 32764 issue from January 2014 and April 2014 for example.
Another reason is cost: router software is developed as cheaply as possible.īIG BUGS: A number of flaws stand out. One reason for this is your ISP, which may have configured the router/gateway in an insecure way, either on purpose, to allow spying, or out of laziness or incompetence. You may be thinking that all software is buggy, but router software is probably worse. Starting April 2018, I also track routers in the news which details the exploitation of router flaws. This page documents the existence of bugs in routers. On the whole, the software in these routers is buggy as heck. If you care about the security of your router, and you should, it is best to avoid consumer grade routers.