Thailand ISP ignores router flaws Router vulnerabilities disclosed in July remain unpatched by Michael Mimoso of Kaspersky Threatpost January 17, 2017 The first sentence of this article is all you need to read: "Details on serious ups worldship version 16 vulnerabilities in a number of routers freely distributed.
No last updated date.
Millions of Cable Modems Vulnerable audiotx communicator v1.4f crack by tsrh to Easy Attack by Henry Casey of Toms Guide Apr 8, 2016 Popular cable modem vulnerable to remote reboot/reset flaw by Darren Pauli of The Register April 11, 2016 According to this May 8, 2016 report Comcast has updated modems.As far as I know the attacks are local, not remote.This has links to updated firmware for all affected models.Logic security flaw in TP-link - t by Amitay Dan CEO at Cybermoon July 1, 2016 TP-link lost control of two domains used to configure routers and Wi-Fi extenders by me July 4, 2016.The bug, discovered by SEC Consult, allows authenticated users to inject arbitrary commands into the web interface.A number of flaws stand out.If a router wasn't using the defaults I looked up the default diablo 3 latest patch wont username and password on the manufactures website.
The worm prevents users from using some inbound ports, and opens outbound ports through which it spreads to other routers.
Details to be documented in ICS-cert Advisory.Most of the vulnerabilities can be exploited remotely, some without authentication.Enter the routers password here and click the submit button.Some of the functions, such as rebooting the router, can be exploited straight away by an unauthenticated attacker.One issue is an authentication bypass vulnerability, the other is a hard-coded cryptographic key.The main goal of the malware is to change the DNS servers in the router.This is the second time the FTC has gone after insecure routers.And the mechanism ultimately uses a secret passphrase.By Pedro Ribeiro of Agile Information Security.