BugTraq
ASUS RT Series Routers FTP Service - Default anonymous access Feb 12 2014 09:29PM
kyle Lovett (krlovett gmail com) (1 replies)
Re: ASUS RT Series Routers FTP Service - Default anonymous access Feb 12 2014 09:34PM
kyle Lovett (krlovett gmail com)
Correction: I meant to say 2013, not 2012. I apologize for the error.

On Wed, Feb 12, 2014 at 4:29 PM, kyle Lovett <krlovett (at) gmail (dot) com [email concealed]> wrote:
> Five ASUS RT series routers suffer from a vendor vulnerability that
> default FTP service to anonymous access, full read/write permissions.
> The service, which is activated from the administrative console does
> not give proper instructions nor indications that the end user needs
> to manually add a user to the FTP access table.
>
> The vendor was first alerted to this issue in late June of 2012, and
> then four other times officially from July 2012 to December 2012. It
> was not until January of this year, when the editors for the Norwegian
> publication IDG/PC World went to ASUS that any official response came.
>
> This vulnerability has been exploited aggressively for sometime now,
> and as a rolling count which has been kept ongoing since July 2012,
> over 30,000 unique IP address, at one time or another have had their
> FTP service shared.
>
> The FTP services, when not secured, allows for full read/write access
> to any external storage devices attached to the usb drives on the
> router.
>
> The vendor has issued an official (beta) patch for the RT-AC68U as of
> mid-January, and plans on additional patches in the coming week.
>
> Models Include:
>
> RT-AC68U
> RT-AC56U
> RT-AC66U
> RT-N66U
> RT-N16
>
> CWE-287: Improper Authentication
> CVSS v2 Vector (AV:N/AC:L/Au:N/C:C/I:C/A:N/E:H/RL:OF/RC:C)
>
> CVSS Base Score 9.4
> Impact Subscore 9.2
> Exploitability Subscore 10
> CVSS Temporal Score 8.2
> Overall CVSS Score 8.2
>
> Many have reported malware being uploaded into the sync share folders,
> large amounts of unauthorized file sharing and most importantly the
> theft of entire hard drives of personal information. Over 7,300 units
> are still vulnerable to this weakness as of today.
>
> It is strongly urged that those with any of the above routers check to
> ensure that their FTP service has been secured.
>
> Links:
> https://www.asus.com/Networking/RTAC68U/#support
> http://www.idg.no/pcworld/article281004.ece
> http://www.thinkbroadband.com/news/6229-new-asus-router-firmware-to-fix-
ftp-security-issue.html
> http://www.pcworld.com/article/2087180/asus-simplifies-router-configurat
ion-to-protect-external-hard-drives.html
>
> Research Contact - Kyle Lovett
> Discovered - June, 2012

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus