Can an old and upatched (assume a 15 y.o. TP-Link: so plenty of vulnerabilities) be breached given:
- no physical access
- WEP is disabled
- WPA is up but password is not crackable via
aircrack-ng+johntheripper
Asked
Active
Viewed 154 times
0
Vorac
- 1,817
- 3
- 20
- 27
-
1And not through the LAN/WAN? – schroeder Sep 03 '20 at 06:41
-
Yes... can a router picked up from the production line 10 seconds ago be breach? yes... Unless you make a specific question the answer to "can x' be breached" is yes by definition. e.a.: can you clean up this question and make it specific, what type of attack are you worried about. what tye of pretection is in use. from what side do you need the protection. etc. etc. – LvB Sep 03 '20 at 10:04
2 Answers
1
Given the other side of the router is attached to the internet, I'd say, yes.
- https://techcrunch.com/2019/05/22/tp-link-routers-vulnerable-remote-hijack/
- https://www.pcwrt.com/2020/06/netgear-router-vulnerability/
- https://latesthackingnews.com/2020/07/22/cisco-patched-numerous-critical-vulnerabilities-in-vpn-routers/
The list goes on and on...
mcfedr
- 162
- 4
1
In addition to attacks on the WAN/LAN port through Ethernet, it's also possible that the wireless firmware has exploitable bugs that can be used without associating with it. I believe there was some news recently about some Intel wireless NIC firmware or driver that had some bugs that could be exploited by crafting malicious wireless frames.
user
- 606
- 7
- 11
-
I was thinking of something similar, some router company recently, but couldnt work out how to find it on google... – mcfedr Sep 03 '20 at 17:33
-
@mcfedr The huge quantity of vulnerabilities and exploits that are being discovered makes it hard to find anything specific on Google. It might be easier to search through CVE websites instead. – user Sep 03 '20 at 17:41