Router Firmware Vulnerabilities Continually Neglected By Manufacturers

According to a report by Insignary, a firm that performs binary-level code scanning, most wireless router vendors have yet to patch old router firmware vulnerabilities, leaving users open to a variety of threats.

Insignary states stock firmware built into wireless routers contain open-source components that contain known security vulnerabilities. Hackers can exploit these vulnerabilities fairly easily.

Avoid router firmware vulnerabilities from Netgear, Linksys, Asus.

The firm conducted binary code scans to detect known security vulnerabilities in wireless routers. These scans were performed on a range of the most popular models of consumer and enterprise wireless routers.

Much More Than A Vulnerability

Furthermore, the security firm states that while the recent KRACK attack may potentially be the most harmful WPA2 security vulnerability, firmware flaws actually pose a larger threat. Insignary states that router firmware vulnerabilities are more extensive and dangerous.

“While KRACK WPA2 is the latest WiFi security vulnerability, it appears to be just the tip of the iceberg, compared to what currently exists in router firmware,” said Tae-Jin Kang, CEO of Insignary.

Time To Make A Change

The issue with these router firmware vulnerabilities has been evident for several years. Ultimately, Insignary states that the company has been monitoring wireless router issues since the 2015 botnet attack.

Vulnerabilities found in tests completed in 2015-2016 have still been detected in scans performed as recently as last year.

“So we decided it was time to raise awareness. This is a serious problem. We are talking about well-known security issues that still exist in the routers,” warns Tae-Jin Kang

Insignary’s Router Study

The binary-scans run by Insignary found that the majority of the top manufacturer’s popular devices contained router firmware vulnerabilities. Most of these models contained “high” and “middle” security vulnerabilities. Moreover, these products are vulnerable to potential security threats.

From here on, the study shows that a vast majority of the model’s used open-source components with over ten different “high” security vulnerabilities.

Half of the scanned firmware contained “critical” security vulnerabilities. Moreover, some of these vulnerabilities include:

  • WPA2 (KRACK) – Key re-installation attack;
  • ffmpeg – Denial of Service attack (network disrupted with useless traffic);
  • openssl – Denial of Service, buffer overflow and remote code execution;
  • Samba – Remote code execution (a hacker remotely executing code via system vulnerabilities).

Avoid Router Firmware Vulnerabilities With Open-Source Firmware

Brian Knopf, senior director of security research at Neustar, states that:

“Vendors rarely support and update routers after the first two years at most”

That being said, routers are often used for far longer than two years at a time. How crazy is that!

This is where the open source communty comes in to fill in the void and keep these more than capable devices upgraded and secure. The best way to evade these firmware vulnerabilities and planned obsolescence is to upgrade your wireless router with open-source firmware, such as DD-WRT. Consequently, open-source development allows for faster patches and fixes of common security flaws.

Avoid Router Firmware Vulnerabilities With A FlashRouter

Use an Open Source VPN Router. Avoid router firmware vulnerabilities with DD WRT.

Luckily for you, all FlashRouters come pre-flashed with enhanced, secured community-vetted firmware.

The installation of DD-WRT on your router not only prevents security vulnerabilities, it also upgrades your router’s capabilities. Furthermore, Open Source firmware enables FlashRouters to use Virtual Private Networks (VPNs) like PrivateInternetAccess and SaferVPN.

Ultimately, this adds an extra layer of security to your home network. Have any questions or concerns? Feel free to contact the FlashRouters team for more information!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.