Sign up for a new account or log in here:
also @ TechSpot: Amazon wants to build a trio of biospheres in downtown Seattle
A security researcher for German security firm Recurity Labs has disclosed several critical vulnerabilities in router products made by Huawei at the annual Defon hackers conference on Sunday.
The vulnerabilities -- a session hijack, a heap overflow and a stack overflow -- affect the Chinese networking and telecommunications firm's Huawei AR18 and AR28 series routers, which are widely used in Asia, Africa and the Middle East, although their relative cheapness is resulting in widespread use worldwide.
Felix Lindner, also known as “FX”, says all three flaws can be exploited to gain control of the devices via the internet as well as snoop on other people's traffic. He believes the problem is the use of “1990's-style code” in the firmware of certain VRP routers. Using one of these exploits it would be possible for a hacker to gain access to the routers, change the admin passwords and then reconfigure them to intercept all traffic running through the network.
Dan Kaminsky, chief scientist and security expert at DKH believes this presents a scary situation for ISP's extensively using these router products, and even more crucially their customers who will be completely unaware of the possibility that their activity could potentially be spied on.
“It's a big deal for routers to get broken into,” especially those made by the fastest growing router manufacturer, he said in a statement. “If you can get into a router you can take it over, monitor and alter peoples' traffic. You become a man-in-the-middle attacker who can spoof legitimate Web sites.”
Some earlier reports have speculated that the company builds back-doors into its products for the Chinese government to spy on. CNet asked Lindner about this during an interview, to which he replied: “They don't need to. You (just) need to have Huawei people running your network or help run your network. If you have so many vulnerabilities, they are the best form of (attack) vector.”
Huawei did not respond to requests for further comment at the time of writing.
Related Products from Product Finder
Cisco Linksys E4200 Wireless-N Router
The Cisco Linksys E4200 is a simultaneous Dual-Band N (2.4 & 5 GHz) wireless router, it packs 4 Gigabit Ethernet ports with a maximum speed up to 450 Mbps, it also has shared storage capabilities thru its USB port. Last but not least, there is a built-in UPnP AV media server.
Netgear DGN2000 Wireless-N Modem Router
Read expert reviews, pros & cons, and product information about Netgear DGN2000 Wireless-N Modem Router. There are 8 reviews available so far.
D-Link DIR-657 HD Media Router 1000
Read expert reviews, pros & cons, and product information about D-Link DIR-657 HD Media Router 1000. There are 11 reviews available so far.
Asus RT-N56U Dual-Band Wireless-N Router
Read expert reviews, pros & cons, and product information about Asus RT-N56U Dual-Band Wireless-N Router. There are 39 reviews available so far.
Most Popular
| Trending | Featured |
-
Xbox One: Entertainment hub first, gaming console second - but can it disrupt TV?
-
Metro: Last Light Tested, Benchmarked
-
Microsoft officially announces Xbox One: here's what we know so far
-
'Supercapacitor' could fully charge your phone in less than 30 seconds
-
Sony releases PS4 teaser video on eve of Xbox 720 reveal
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.