Multiple Vulnerabilities in Belkin Router Could Allow DNS Spoofing and Credentials Theft
Five zero-day vulnerabilities in Belkin N600 DB Wireless Dual Band N+ routers could have allowed attackers to grab credentials in clear text and spoof DNS requests, according to security researcher Joel Land.
The affected mode is F9K1102 v2 with firmware version 2.10.17, possibly earlier versions and models susceptible to the five found vulnerabilities as well.
By successfully exploiting the firmware vulnerabilities in the SOHO router, Joel believes attackers could have either pointed home users to crafted websites that might have delivered malware or towards phishing websites designed to collect sensitive or private user data.
“DNS queries originating from the Belkin N600, such as those to resolve the names of firmware update and NTP servers, use predictable TXIDs that start at 0x0002 and increase incrementally,” reads the CERT/CC advisory. “An attacker with the ability to spoof DNS responses can cause the router to contact incorrect or malicious hosts under the attacker’s control.”
Although no attacks have been reported in the wild, no fixes or updates address the found vulnerabilities. However, some workarounds have been proposed, involving only allowing trusted hosts to connect to the LAN, using strong authentication passwords for the web management interface, and avoidance of browsing with an active session to the web management interface.
The only vulnerability that currently has no workaround centers on the DNS spoofing or firmware tampering over HTTP, as users are unlikely to monitor traffic entering their router.
Ultimate Privacy Guide for Your Facebook Account
August 31, 2021
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices
August 27, 2021
Your Netflix Account May Be on Sale on Darkweb. Protect It
August 13, 2021
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
FOLLOW US ON
You might also like
September 28, 2021