Millions of routers vulnerable to attack with manipulated cookies

Spread the love

It is estimated that more than 12 million routers from D-Link, Huawei, TP-Link, ZTE and Zyxel can be attacked by sending a modified cookie file in an HTTP package. The attack method can give a hacker full access to the admin interface.

The bug, dubbed the Misfortune Cookie, was discovered by researchers at Check Point Software. The flaw can be found in RomPager, an embedded web server found in millions of routers and gateways. Sending a custom cookie in an http packet to a vulnerable device causes a memory error. This gives admin rights to each session, allowing an attacker to easily reconfigure a router or gateway.

Check Point calls Misfortune Cookie a serious vulnerability, partly due to the simplicity of the attack and because it is estimated that at least 12 million devices are vulnerable to the bug in RomPager. Devices can only be updated via a firmware update from the manufacturer. In some cases, an ISP or manufacturer can initiate this procedure remotely, but there are also situations that require a user to manually update by flashing the firmware.

So far, through a scan of various ports, Check Point has found vulnerable network equipment from D-Link, Huawei, TP-Link, ZTE and Zyxel, among others, in more than 200 different product types. The model numbers can be found in a PDF document.

You might also like
Exit mobile version