Possible link discovered that ties together Wi-Fi routers with backdoors

Share this article:
Possible link discovered that ties together Wi-Fi routers with backdoors
Possible link discovered that ties together Wi-Fi routers with backdoors

A manufacturer of broadband and wireless networking equipment may be the link that ties together a number of Wi-Fi routers that contain backdoors, some of which are vulnerable to remote attacks, according to a researcher.

While tinkering around with his Linksys WAG200G wireless router over the 2013 holiday, Eloi Vanderbeken – who recorded his work in an illustrated slideshow – used some reverse engineering and brute force techniques to execute commands against the device. In the end, Vanderbeken learned that he could reset the router's password and access its administration panel.

“I only had one day to test my codes/assumptions, so the following slides are just some random thoughts/observations,” Vanderbeken wrote in his slideshow presentation.

Since posting his initial findings, Vanderbeken has updated his research, confirming that versions of the Cisco WAP4410N-E, Linksys WAG120N, Netgear DG834B, Netgear DGN2000 and Open WAG200 contain internet backdoors – meaning those devices are vulnerable to remote attacks.

Other Wi-Fi routers – including several devices from Cisco, Linksys, Netgear, Diamond and LevelOne – are listed as being vulnerable to attacks for which a user needs to be connected to the local network.

On the website where he has been updating and discussing his research, Vanderbeken linked to an article that targets Sercomm, a manufacturer of networking equipment, as the bond that ties all these devices together.

The link was not working on Monday afternoon and a Sercomm representative could not immediately be reached by SCMagazine.com for comment.

At the end of December 2013, a German newspaper reported that a number of products, including some by Cisco, contained NSA backdoors.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

Company news: New hires at Accuvant, ZeroFox and ThreatStream

New hires at Accuvant, ZeroFOX and ThreatStream, while a divestiture at Juniper and an acquisition for BlackBerry.

News briefs: The latest on Sony, Android, Backoff malware and more.

News briefs: The latest on Sony, Android, Backoff ...

This month's news briefs cover a preliminary settlement Sony will bear for the exposure of 77 million customers, and more.

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.