125 New Flaws Found in Routers and NAS Devices from Popular Brands (Sep 17, 2019)
Security researchers at Independent Security Evaluators have discovered a total of 125 different security vulnerabilities across 13 Small Office Home Office (SOHO) routers and Network Attached Storage (NAS) devices, likely affecting millions. The manufacturers of the affected devices are ASUS and subsidiary Asustor, Buffalo, Drobo, Lenovo, Netgear, QNAP, Seagate, Synology, TerraMaster, Xiaomi, Zioncom, and Zyxel. In the report, the researchers explain that the 13 devices they tested each had at least one web application vulnerability that could allow a threat actor to gain remote shell access or access to the administrative panel of the affected device. The vulnerabilities range from authentication bypass, buffer overflow, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS), file upload path traversal, Operating System Command Injection (OS CMDi), and SQL injection (SQLi) vulnerabilities. Independent Security Evaluators reported each of the discovered vulnerabilities to affected device manufacturers, who have in turn begun the processes of mitigating the vulnerabilities.
Recommendation: It is important that your company has patch-maintenance policies in place. Once a vulnerability has been reported, threat actors will likely attempt to incorporate the exploitation of the vulnerability into their malicious operations. Patches should be reviewed and applied as soon as possible to prevent potential malicious activity.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.