Popular Realtek-Based Wireless Routers Vulnerable To Hacking Due To Flawed Firmware

A serious flaw has been discovered in the software component of some routers that feature a Realtek chipset. In particular, routers that utilize a Realtek RTL81XXX chipset and also use the 1.3 SDK (or older, potentially), are vulnerable to an exploit that could see executable code run as root.

Because it's not obvious what chipset most routers will use, ITworld shares an extremely helpful link that will let you search for whichever one you use. It should be stressed, though, that not every affected router may be listed here, and it still hasn't been ruled-out if versions older than the 1.3 SDK are vulnerable as well.

TRENDnet Router

Based on that list, TRENDnet and D-Link seem to have the greatest share of impacted routers, although some other common brands can be spotted as well. Interestingly, routers using a variant of this Realtek chipset were manufactured as far back as 2003, with it still proving a popular choice in 2014.

Here's something that might be even more disturbing than the vulnerability itself: security researcher Ricky Lawshae, who works for Hewlett-Packard's TippingPoint Digital Vaccine Labs, tried getting a response out of Realtek on this issue on four different instances. When he failed to hear back, he felt it was necessary to go public. It's not hard to blame him... this vulnerability could be taken advantage of right now, and we don't even know it.

In fact, in a wide scan, it was found that 480,000 routers exist on the Internet that are ripe for being exploited. In this particular usage case, the UPnP feature would be trigged remotely. Beyond that, another 350,000 routers are online that use potentially vulnerable older firmware.

If you happen to own a vulnerable router (as found on the above list), your best hope right now is to check the support page and make sure a firmware update isn't already available; if it isn't, contact the vendor itself and inquire about when one will become available.


Via:  ITworld
Show comments blog comments powered by Disqus