![]() ![]() In January 2020, researchers discovered that this Botnet was infecting routers using Tomato, another OpenSource firmware. Unfortunately, this didn’t prevent Muhstik malware from expanding. The researchers managed to slow down Muhstik expansion by shutting down some of its servers. It did this by scanning for vulnerable GPON devices, infecting them with malware, installing it, and in the end executing attacks. After that Muhstik used Web Authentication Brute Forcing to penetrate the DD-WRT firmware. This Botnet exploited an Authentication Bypass and Command Execution vulnerabilities to inject the GPON routers. In 2018, researchers from Palo Alto Networks announced that they discovered that the Muhstik Botnet is exploiting vulnerabilities in GPON routers one of them is found in the DD-WRT firmware. This last case isn’t a vulnerability found by researchers before being exploited but actually, a botnet malware infecting routers running DD-WRT. Muhstik Botnet Attacking Routers Running OpenSource Firmware There still hasn’t been any definitive conclusion to this dispute seems to be regarding the severity of this vulnerability. They refused to accept these findings since the vulnerability refers to an old version, requires administrative privileges, and doesn’t provide access beyond those of administrative users. This vulnerability could be escalated using a CSRF like the one used in an earlier vulnerability from 2012 ( CVE-2012–6297).Įven though this vulnerability has received a high ranking of 8.8, DD-WRT has disputed the legitimacy of this vulnerability. A remote attacker could execute arbitrary commands on this page using shell metacharacters in the host field of the ping command. This vulnerability was discovered on the diagnostics page of DD-WRT. CVE-2020–13976 - Remote Command Execution via Shell Metacharacters We will have a look at some of these vulnerabilities here. Firmwares like these also provide a higher level of security than regular routers which makes them hard to exploit but not impossible. It provides superior firmware to some WiFi routers and improves their built-in basic firmware. This firmware is suitable for many systems with many routers using it like Netgear Nighthawk, Asus, and Linksys routers. ![]() DD-WRT is a Linux-based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |