[ad_1]
If you’re using a home Wi-Fi router, Wi-Fi range extender, or USB Wi-Fi network adapter from 2015 or earlier, it’s probably time to put it in a closet and get a newer model. This is because your device can be hacked on the internet right now.
Serious flaws have been found in hundreds of different models of home network devices manufactured and sold by at least 65 different companies, and cybercriminals are already attacking them. We have a list of vulnerable devices at the end of this page.
Most of the affected models were released between 2010 and 2015, and at least a few date back to 2004. IoT Inspector, the German information security company that found the flaws, estimates that hundreds of thousands of devices vulnerable individuals are used around the world today. .
“By exploiting these vulnerabilities, remote unauthenticated attackers can completely compromise the target device and execute arbitrary code with the highest level of privilege,” IoT Inspector writes in its report.
A known criminal gang is already attacking these devices using the flaws described in the IoT Inspector’s report, which was posted online a week ago (August 16).
Israeli information security firm SAM Seamless Network said it took just two days for operators of a botnet using a variant of the notorious Mirai malware, which cut off internet access over much of it. from the east coast of the United States one afternoon in October 2016, to begin the launch attacks.
Remote control
The particular flaw exploited by the botnet gang involves taking remote control of the router through the administrative interface, but unfortunately simply disabling remote access to the administrative interface will not solve the problem.
You just have to land on a malicious website on a computer using the router. There are also three other serious flaws.
These vulnerable devices all use Wi-Fi chips made by a Taiwanese company called Realtek. IoT Inspector notified Realtek of the flaws in May, and on August 13 Realtek released fixes for some, but not all, of the vulnerable chipsets. Other fixes will come from Realtek, but there are no plans to fix older chipsets.
Unfortunately, these fixes have to be implemented and refined by the manufacturers of the vulnerable devices and then released to consumers as new device firmware.
It is unlikely that many fixes will be available for download or installation, and it may take months for all updated firmware to be available. Older devices will probably never be patched.
What do you need to do
If you have any of the devices in the list below, here’s what to do.
If the device is only a few years old, let’s say 2015 or later: you’ll probably get a firmware update in the next few months.
Check the manufacturer’s website now for updates released after August 13, 2021. Check if the firmware release notes refer to vulnerability identification numbers CVE-2021-35392, CVE-2021-35393, CVE -2021-35394 or CVE-2021-35395, mention Realtek or credit IoT-Inspector for finding faults.
If so, the firmware will fix these issues. Follow the instructions on the manufacturer’s website to download and install the firmware. (Here’s how to update the router firmware for different brands.)
If an update is not available at the moment, disconnect the device and use a different router or access point until the updated firmware is available.
If the device was released between 2010 and 2015: Optionally, you can get a firmware update. As above, check the manufacturer’s website for existing firmware updates and follow the instructions.
If nothing has been posted since August 13, 2021, disconnect the device and continue to visit the website for the next few months.
If the device was first released before 2010: You will probably never get a firmware update. Get a newer device.
List of affected devices
|
Maker |
Affected models |
|---|---|
|
A-Link Europe Ltd |
A-Link WNAP WNAP (b) |
|
ARRIS Group, Inc |
VAP4402_CALA |
|
Airlive Corp. |
WN-250R, WN-350R |
|
Abocom System Inc. |
Wireless router? |
|
Aigital |
Wifi range extenders |
|
Amplified wireless |
AP20000G |
|
Askey |
AP5100W |
|
ASUSTek Computer Inc. |
Models RT-Nxx, WL330-NUL, Wireless WPS Router RT-N10E, Wireless WPS Router RT-N10LX, Wireless WPS Router RT-N12E, Wireless WPS Router RT-N12LX |
|
BEST ONE TECHNOLOGY CO., LTD. |
AP-BNC-800 |
|
Straight line |
Smart box v1 |
|
Belkin |
F9K1015, AC1200DB Wireless Router F9K1113 v4, AC1200FE F9K1123 Wireless Router, AC750 F9K1116 Wireless Router, N300WRX, N600DB |
|
Buffalo Inc. |
WEX-1166DHP2, WEX-1166DHPS, WEX-300HPS, WEX-733DHPS, WMR-433, WSR-1166DHP3, WSR-1166DHP4, WSR-1166DHPL, WSR-1166DHPL2 |
|
Calix inc. |
804Mesh |
|
China Mobile Communication Corp. |
AN1202L |
|
Compal Broadband Networks, INC. |
CH66xx cable modem line. |
|
Link D |
DIR-XXX models based on rlx-linux, DAP-XXX models based on rlx-linux, DIR-300, DIR-501, DIR-600L, DIR-605C, DIR-605L, DIR-615, DIR-618, DIR- 618b, DIR-619, DIR-619L, DIR-809, DIR-813, DIR-815, DIR-820L, DIR-825, DIR-825AC, DIR-825ACG1, DIR-842, DAP-1155, DAP-1155 A1 , DAP-1360 C1, DAP-1360 B1, DSL-2640U, DSL-2750U, DSL_2640U, DVG-2102S VoIP Router, DVG-5004S VoIP Router, DVG-N5402GF VoIP Router, DVG-N5402SP VoIP Router, DVG-N54 VoIP Router , DVG-N5402SP Wireless VoIP Device |
|
DASAN Networks |
H150N |
|
Davolink inc. |
DVW2700 1, DVW2700L 1 |
|
Edge-core |
ECG4510-05E-R01 VoIP Router |
|
Edimax |
RE-7438, BR6478N, Wireless router BR-6428nS, Wireless router N150 BR6228GNS, Wireless router N300 BR6428NS, BR-6228nS / nC |
|
Edison |
unknown |
|
EnGenius Technologies, Inc. |
11N wireless router, wireless AP router |
|
ELECOM Co., LTD. |
WRC-1467GHBK, WRC-1900GHBK, WRC-300FEBK-A, WRC-733FEBK-A |
|
Esson Technology Inc. |
Wifi module ESM8196 (therefore any device using this wifi module) |
|
EZ-NET Ubiquitous Corp. |
NEXT-7004N |
|
IFAD |
PRN3005L D5 |
|
Hama |
unknown |
|
Hawking Technologies, Inc. |
HAWNR3 |
|
MT-Link |
MT-WR600N |
|
IO DATA DEVICE, INC. |
WN-AC1167R, WN-G300GR |
|
iCotera |
i6800 |
|
IGD |
1T1R |
|
LG International |
Axler LGI-R104N Router, Axler LGI-R104T Router, Axler LGI-X501 Router, Axler LGI-X502 Router, Axler LGI-X503 Router, Axler LGI-X601 Router, Axler LGI-X602 Router, Axler RT-DSE Router |
|
LINK-NET TECHNOLOGY CO., LTD. |
LW-N664R2, LW-U31, LW-U700 |
|
Logitec |
BR6428GNS, LAN-W300N3L |
|
MMC technology |
MM01-005H, MM02-005H |
|
MT-Link |
MT-WR730N, MT-WR760N, MT-WR761N, MT-WR761N +, MT-WR860N |
|
Wireless network |
NF15ACV |
|
Netis |
WF2411, WF2411I, WF2411R, WF2419, WF2419I, WF2419R, WF2681 |
|
Netgear |
N300R |
|
Nexxt Solutions |
AEIEL304A1, AEIEL304U2, ARNEL304U1 |
|
Watch Telecom |
RTA01 |
|
Octtel |
ODC201AC VoIP Router, OGC200W VoIP Router, ONC200W VoIP Router, SP300-DS VoIP Router, SP5220SO VoIP Router, SP5220SP VoIP Router |
|
Omega technology |
Wireless N Router O31 OWLR151U, Wireless N Router O70 OWLR307U |
|
PATECH |
Axler RT-TSE, Axler R104 Router, Axler R3 Router, Axler X503 Router, Axler X603 Router, LotteMart 104L Router, LotteMart 502L Router, LotteMart 503L Router, P104S Router, P501 Router |
|
PLANEX COMMUNICATIONS INC., Planex Communications Corp. |
MZK-MF300N, MZK-MR150, MZK-W300NH3, MZK-W300NR, MZK-WNHR |
|
PLANET technology |
VIP-281SW |
|
Realtek |
RTL8196C EV-2009-02-06, RTL8xxx EV-2009-02-06, RTL8xxx EV-2010-09-20, RTL8186 EV-2006-07-27, RTL8671 EV-2006-07-27, RTL8671 EV-2010- 09-20, RTL8xxx EV-2006-07-27, RTL8xxx EV-2009-02-06, RTL8xxx EV-2010-09-20 |
|
Revogi systems |
|
|
Sitecom Europe BV |
Sitecom WLR-4001 Wireless Gigabit Router, Sitecom 150N X1 150N Wireless Router, Sitecom 300N X2 300N Wireless Router, Sitecom 300N X3 300N Wireless Router |
|
Skystation |
CWR-GN150S |
|
Sercomm Corp. |
Infinite Telmex |
|
Shaghal Ltd. |
ERACN300 |
|
Shenzhen Yichen (JCG) Technology Development Co., Ltd. |
JYR-N490 |
|
Skyworth digital technology. |
Mesh router |
|
Smart link |
unknown |
|
TCL communication |
unknown |
|
Technicolor |
TD5137 |
|
Telepuits |
TW-EAV510 |
|
Attempted |
AC6, AC10, W6, W9, i21 |
|
Totolink |
A300R |
|
TRENDnet, Inc., TRENDnet Technology, Corp. |
TEW-651BR, TEW-637AP, TEW-638APB, TEW-831DR |
|
UPVEL |
UR-315BN |
|
ZTE |
MF253V, MF910 |
|
Zyxel |
P-330W, X150N, NBG-2105, AP Router NBG-416N, AP Router NBG-418N, WAP6804 |
[ad_2]
Source link