Nearly 240,000 fiber router exist authentication bypass flaw that can be remotely attacked
According to recent news from ZDNet, security researchers found that they can remotely access more than one million optical fiber routers through a certification bypass vulnerability. Studies have shown that this vulnerability can easily be exploited by modifying the URL in the browser’s address bar, allowing anyone to bypass the router’s login page and access page by simply adding “?images/” to the end of the URL on any configuration page on the router. “You can access the router completely. Because the ping and traceroute commands on the device diagnostics page run at the “root” level, other commands can also be run remotely on the device.
These routers are the core of bringing the high-speed fiber-optic Internet to people’s homes. According to a survey released on Monday, the vulnerability was discovered in routers used for fiber connections. There are about 240,000 marked routers listed on Shodan. Half of the vulnerable routers are located on the Telmex network in Mexico and the rest are found in Kazakhstan and Vietnam.
The researchers indicated that they have contacted Dasan Networks, a Korean technology company that established the router but did not immediately receive a reply. In addition, he also contacted Telmex, the Internet provider with the highest number of vulnerable devices, and there was no reply.
Anonymous security researchers who discovered this bug believe that the vulnerabilities brought about far more damage than the affected routers. Because the device is a router, it means it can control its own network and it can use the entire network (not just this device) as a botnet. He added that routers can easily be tampered with, modify their DNS settings to redirect users to visit malicious versions of websites and thus steal user credentials.
Recent research shows that routers are the main targets of abuse by hackers because they are the center of most networks. When attacked, the attacker can further base on the network. Routers are also an easy target to use. They can easily be hacked, hijacked by botnets, and invade the target via Internet traffic and place them offline. This distributed denial of service (DDoS) attacks can destroy a large number of networks with precise targeting.
For example, earlier this month, British and U.S. authorities warned that Russian hackers are using damaged routers to lay the foundation for future attacks
