Millions Of Home Wi-Fi Routers Are Likely Vulnerable To Unpatched Linux Security Exploits

jack_christie

Forum Addict
Joined
Aug 1, 2006
Messages
9,620
the Fraunhofer Institute for Communication (FKIE) in Germany recently performed test of 127 home routers to probe them for their resistance to security threats. Of the routers the researchers tested, 91 percent of them were found to be running some version of Linux (which isn’t surprising).

not a single router was found to be free of security flaws.
https://hothardware.com/news/millions-of-home-wi-fi-routers-linux-exploits

pdf
https://www.fkie.fraunhofer.de/cont...omeRouter/HomeRouterSecurity_2020_Bericht.pdf
 
What you're saying is, they're on the Fritz?
 
Only last year that DLink settled a case with the FTC over their crap security.

D-Link agreed to continue to make security enhancements in its software security program and software development, with biennial, independent, third-party assessments, approved by the FTC.
https://en.wikipedia.org/wiki/D-Link#Vulnerabilities


So much for all the router group test on all the tech web sites.
 
Most people won't upgrade their routers. The only way to deal with this is for the ISPs to block suspicious traffic upstream.

I have some sympathies for the router makers, it's like asking Ford to still support the Pinto because someone is still driving one.
 
My 5 year old ASUS still receives frequent security updates, the latest one (that I installed after reading this thread) contains fixes for 2 CVE and some other vulnerabilities.
 
My Lancom auto-updates itself several times a year... but to be fair it's not really meant for home use.
 
I'm guilty of not updating my router's firmware.

After having an update go bad on my first router many years ago, I was hesitant to ever try it again out of fear of bricking the damn thing. Ever since I got my current Netgear router two years ago, they've sent me periodic emails saying "Hey, there's new firmware, you need to install it", and I never did it. Until the morning. With much fear and trepidation I started the process and nearly had a heart attack when it looked like history was repeating itself. The page warned me not to click away or reload the page or anything like that, and when it was almost done suddenly an error message popped up saying I had lost the connection.

verything wound up working and now I have auto updates turned on, but this is why I go by "If it ain't broke, don't fix it".
 
I use to recommend Apple Airports to people, regardless if they owned a Mac or not. They ran off some stripped down NetBSD variant and rarely had issues with updates. At worst, you had to set it up a second time.

Not sure if it was a security through obscurity thing, but I've never heard of an issue of them being hacked.
 
Top