Strategy, Vulnerability management

Vulnerability leaves Belkin router open to attack

November 12, 2014

A vulnerability discovered earlier this year in a Belkin router could let an unauthenticated remote attacker to obtain administrator privileges and take control of affected devices if left unpatched, according to an advisory from Integrity Labs.

A researcher at Integrity discovered the vulnerability in the Belkin N750 dualband router after “some fuzzed requests” yielded a “ POST parameter “jump” [that] suffered from a classic buffer overflow with a payload containing 5000 bytes.” The process died, the advisory said, “after the referred buffer overflow.”

But over the last six months of analysis, researchers found that attackers to get past guest login screens to nab control over affected devices. Belkin issued a firmware patch for the vulnerability last March.

In August, a Belkin device was among the routers discovered to have a flaw during the SOHOpelessly Contest at DefCon in August.

prestitial ad