4

I found a lot of resources about how to secure WiFi networks. This question is not about that. How can I make sure the software running on the modem/router is not exploitable to known security flaws? I found reports on many discovered vulnerabilities, but to my surprise no-one has put up exhaustive lists on vulnerable devices? Even the manufacturers don't report which of their devices are vulnerable, even though they know.

Listing some vulnerabilities which allow remote code execution on routers:

UPnP: researchers found exploitable flaws in some widely used UPnP implementations. UPnP is a feature which is on by default in many routers, printers and other devices.

Over 80 million unique IPs were identified that responded to UPnP discovery requests from the internet. Somewhere between 40 and 50 million IPs are vulnerable to at least one of three attacks outlined in this paper. Source.

I've disabled UPnP on my modem.

WPS: This only applies to attackers within WiFi distance, so it's not that bad, but I've disabled WPS on my router anyway.

Then there's Misfortune Cookie, which in 2014 affected at least 12 million devices on the internet. The vulnerability is in a RomPager webserver running inside many routers to provide an admin interface. "Attackers can send specially crafted HTTP cookies that exploit the vulnerability to corrupt memory and alter the application state." I don't understand why the web server for the admin interface of a router has to be visible to the internet in the first place... I was unable to find out whether my modem or router are affected by this.

Atte Juvonen
  • 440
  • 1
  • 4
  • 10
  • It's not just about the devices, it's about the versions of the firmware that may or may not be vulnerable. I suggest shifting your focus to 'firmware' from 'device'. – schroeder Nov 01 '16 at 19:09
  • Turn off WAN access to the admin page of your router. – schroeder Nov 01 '16 at 19:10
  • Have a look at http://routersecurity.org/. It even has a [checklist](http://routersecurity.org/checklist.php), shows [bugs for specific devices](http://routersecurity.org/bugs.php) etc. – Steffen Ullrich Nov 01 '16 at 19:10
  • I'm not sure what you are really asking here. There are lots of tutorials of things you can do to 'harden' your router. Keep firmware updated, WPA2 with strong keys, turn off WAN access. – schroeder Nov 01 '16 at 19:12
  • How can I know if my device/firmware is vulnerable to known exploits? – Atte Juvonen Nov 01 '16 at 19:16
  • look into openwrt, it's open source. – dandavis Nov 01 '16 at 20:16

1 Answers1

4

I consider this question as too broad for a good but small enough answer.
Fortunately there is already a website out there which addresses your problem in a very extensive way and which is kept up-to-date about new problems: routersecurity.org. There you will find a security checklist for things you need to watch out for, current bugs in existing routers, and extensive introduction about the topic and lots of links to external resources for even more information. There is no need to replicate all these information here so please have a look there.

Apart from that it helps often to search for your specific router model in connection with the words "vulnerability" or "exploit" or "security". You might also just use the name of the vendor instead of the exact model for this search since some vendors have bad security record while other have a good one. If you really don't find any information about your router model online it might just be that insignificant that it is probably vulnerable but nobody cared to look (yet).

Steffen Ullrich
  • 184,332
  • 29
  • 363
  • 424