Become a fan of Slashdot on Facebook


Forgot your password?
Networking Security

At Least 700,000 Routers Given To Customers By ISPs Are Vulnerable To Hacking 96

itwbennett writes: More than 700,000 ADSL routers provided to customers by ISPs around the world contain serious flaws that allow remote hackers to take control of them. Most of the routers have a 'directory traversal' flaw in a firmware component called webproc.cgi that allows hackers to extract sensitive configuration data, including administrative credentials. The flaw isn't new and has been reported by multiple researchers since 2011 in various router models.
This discussion has been archived. No new comments can be posted.

At Least 700,000 Routers Given To Customers By ISPs Are Vulnerable To Hacking

Comments Filter:
  • by chuckinator ( 2409512 ) on Friday March 20, 2015 @09:36AM (#49300503)
    I've always run my own hardwsare for years for a reason: it gives me a buffer beyond which I know the ISP no longer has control of my home network. 2x OpenWRT routers, a managed switch in the middle, and a lightweight embedded PC running the essential network services (dhcp, dns, ntp, etc), and the IT management overhead is fairly low.
    • by Njorthbiatr ( 3776975 ) on Friday March 20, 2015 @09:38AM (#49300531)

      Me too, since the only reason they want you to use their router is in the first place is to price gouge with rental fees.

      • And they should have liability for that rented equipment :)

    • by neghvar1 ( 1705616 ) on Friday March 20, 2015 @10:05AM (#49300785)
      This is why I always run my own router behind the ISP's router. Create a DMZ between the 2 routers with a subnet so that the only available IP addresses are one for the WAN port on my router and the other for the LAN port on the ISP router.
      • by antdude ( 79039 )

        Or don't use/disable the ISP's router?

    • by Chris Katko ( 2923353 ) on Friday March 20, 2015 @10:50AM (#49301227)
      You seem to be under the assumption that your hardware, and your compiler are incapable of being attack vectors. []
      • by houstonbofh ( 602064 ) on Friday March 20, 2015 @11:50AM (#49301875)

        You seem to be under the assumption that your hardware, and your compiler are incapable of being attack vectors.

        Possible attack vectors vs known attack vectors. I guess you could also add "likely attack vectors" since they keep getting compromised, and not updated. Of course, so does user home equipment.

        The big difference is, if I own it, I can upgrade the software, and choose secure passwords. If I rent it, I have to trust that Comcast is a conscientious as I am. Stop laughing!

      • Good thing I'm not using bcc as a compiler. Probably not very useful off of PDP-7 or PDP-11 systems, anyway.
    • I would prefer it if it was illegal to have service providers also provide the hardware. Because since they provide 'free' hardware, the cost of that hardware is in your bill. So even though you aren't using the 'free' hardware, you're still subsidizing it in some way.
      • Comcast charges a rental fee for their router, it's right on the bill. Qwest, er Century Link, did the same thing
        • by Enry ( 630 )

          Verizon gave me a free router for signing up for FIOS. It's still in my basement collecting dust but it's not a line item on the bill like the cablecard.

    • by RPI Geek ( 640282 ) on Friday March 20, 2015 @11:07AM (#49301451) Journal
      I did this quite recently and I couldn't agree more!

      After my Linksys started dying on a regular basis, I repurposed an old laptop that had been sitting untouched for years into an OpenBSD router []. After fiddling with it for a while to get the settings correct, I switched out my old Linksys and haven't had so much as a hiccup since then. The 26 days uptime is ~19 more than my average with the crappy old Linksys, at the cost of a bit more power consumption. At some point I may upgrade my hardware to something lower-power, but so far I'm calling my experiment a sucess.

  • by barlevg ( 2111272 ) on Friday March 20, 2015 @09:45AM (#49300599)
    I realize this isn't the router in question, but I refuse to use my Comcast modem--which has a wireless router built in--as anything but a modem, preferring to run everything through my own hardware. Also disabling that stupid Comcast Hot Spot functionality--like Hell am I paying Comcast for the privilege of hosting a part of their "free wireless" network, whether it affects my own personal bandwidth or not (or whether it leaves a door open to hacking into my own private network).
    • Re: (Score:3, Interesting)

      by Anonymous Coward

      Why don't you just buy a docsis 3 modem then? Stop paying for the privilege of renting a modem.

      • by barlevg ( 2111272 ) on Friday March 20, 2015 @11:15AM (#49301525)
        Wow. You're absolutely right. They charge me $10/mo, and modems are less than $100. That's insane.
        • by chihowa ( 366380 )

          Keep in mind that it's purely a monetary win, though. Even though you own the modem, they completely control it and can (and do) reflash its firmware. You should still treat it as a potentially hostile device on your network.

          There are other limitations, too, like Comcast's refusal to sell you static IP addresses unless you rent a modem from them.

  • Service backdoors (Score:5, Interesting)

    by Registered Coward v2 ( 447531 ) on Friday March 20, 2015 @09:50AM (#49300649)
    Having been a field engineer, where I had to fix and make work the stuff the idiots who called them selves engineers doing the design, having a backdoor to access systems was very useful. Customer didn't remember the password? No problem, I still had a way into the control system. I did, however, wonder what other equipment had the same "feature?" My stuff had no public facing interface no network connection so illicit access was not an issue except maybe if a disgruntled employee decided to have some fun; but the general design approach was "we need backdoors for support reasons" and that mentality carried over as equipment became more connected and no one ever seems 2015-03-20o question it or assess the risks vs reward for such a design philosophy. Of course, no one would ever access the proprietary "Company Confidential" engineering support documentation, right? It's kept safe right here on our internal document so no one weill ever know our backdoor user is "admin" with a password of "Pass1234" and thus we can make them easy for our field support staff, who we at HQ all know are dumb knuckle dragging mouth breathers anyway, to remember.
  • Belkin N150 (Score:5, Informative)

    by Anonymous Coward on Friday March 20, 2015 @10:11AM (#49300853)

    Why doesn't the OP mention that they're only talking about the Belkin N150, with various versions of the firmware prior to v1.00.08?

  • by Anonymous Coward on Friday March 20, 2015 @10:14AM (#49300875)

    Many of the routers in Thailand are hacked to use a DNS owned by a Lebanese company that replaces the DNS entries of ad-networks by their own ad-networks and redirect servers.

    The largest ISP hands out ZyXEL routers that are vulnerable. This is probably also happening in other countries, only for Thailand this must be already a million dollar business.

    Check the DNS entry of your router! You might not observe that you are hacked if you use an ad-blocker or hard-coded DNS in your system.

    • I had an ActionTek ADSL router provided by Century Link. All the computers on my network started having browser requests hijacked to a rogue website. I ran all kinds of virus checks on the PCs and found nothing. A check of the DNS IP address in the router revealed a known bad actor. The support tech at Century Link was completely unaware that this was even possible.
      • ...The support tech at Century Link was completely unaware that this was even possible.


      • by Anonymous Coward

        When DNS hijacks were popular, there was a test website that was a great test. The website simply linked to the logo graphic of all the major AV vendors.

        Malware often tried to block the cure with DNS or hosts file changes.

        Visiting the site revealed which ones were blocked by the failure to load the logos.

        Does anyone know the page or if it is still up?

  • by nimbius ( 983462 ) on Friday March 20, 2015 @10:42AM (#49301151) Homepage
    This is a preliminary workaround so im sure many of you will find bugs, but heres what im using:
    1. unbox the router from your ISP. Many will come with an extra CAT 5 cord. Set this aside.
    2. position the router (and wireless antennas should it come with wireless) directly above your garbage can
    3. releasing the device will cause it to fall at 9.81m/s^2 directly into the bin (NOTE: this DOES NOT WORK or may respond slowly in areas without earth mode gravity...double check first.)
    4. Wind the cat 5 cord in a pretty loop and hang it up with the rest of them.
    5. continue instructions at: []
    • Directions unclear. Router bounced off lid of garbage can and landed on toe. Involuntary spasm caused garbage can to be knocked over and to become tripping hazard. In hospital with concussion. Garbage everywhere.
  • The webpage linked shows precisely ONE router model. Or, am I blind? []

  • When replacing my parents' AT&T U-Verse router with a brand new U-Verse router, I was dismayed to note that it only supports 802.11g. WTF? That's a wifi standard from 2003. It's as if AT&T give zero fucks about your wi-fi experience.

    • Hmmm

      Unless networking between local systems, 802.11g is more than adequate for the Wan link speed they're likely getting from AT&T DSL.
      Since you said you were replacing their router and it's your parents ( if your parents are like mine ), I would wager they're not running
      NAS backups locally, or doing much else between local systems requiring lots of bandwidth. So I'm not sure I would see a need for
      them to run N or even AC class WI-FI. ( Mine most certainly didn't. )

      What's the top speed offerings on Uv

      • With only 3 non-overlapping channels, and often wifi access points choosing their own overlapping channel (like 3 or 8), your parent's wireless is likely interfering with a neighbor's wireless. This is much more likely in an apartment complex.

        If someone is running 802.11g (or, 802.11b because they only have 6mbps DSL and 11mbps 802.11b is more than enough for their DSL), they are occupying the wireless channel for an extended amount of time.

        Even a group of grandmas in an apartment complex running 802.11b on

  • This is just one example of why there needs to be a clear "right to fix" when it comes to firmware. For *any* object with firmware in it, the owner of the hardware MUST have a legal right to unlock (if locked), reverse engineer (if required), change, update and fix the firmware. We are heading into an abyss where flaws/bugs/exploits in our cars, thermostats, TV's, phones, IOT tags, routers, etc. etc. WILL be found years after they have been sold. There is no way we can rely on the original equipment maker t

  • by Anonymous Coward


    1. Belkin ADSL routers are crap and hackable
    2. This has been known since 2011
    3. As a result, only 700K of them are still in use worldwide

    Where's the news? Where's the angle? Pre-fixing a number with "More than" doesn't make it big, it only makes it sound that way. 700K isn't even a spit in the ocean, I live in a medium sized city in a small country and it has more than 700K routers. This is just fearmongering, and it's not even a very good attempt at it. Why was this posted?

In seeking the unattainable, simplicity only gets in the way. -- Epigrams in Programming, ACM SIGPLAN Sept. 1982