• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

LG LR Series WAN Router Data Stream Denial Of Service Vulnerability

The LR series WAN routers are hardware and firmware solutions manufactured and distributed by LG Electronics.

It has been discovered that when a stream of data is sent to the router on certain ports, the router becomes unstable. By sending a stream of data to port 23/TCP (and also port 80/TCP on some models), which is accessible by default, the router reacts unpredictably. This type of attack typically results in a crash of the router.

It has been theorized that this issue is a bug in the TCP/IP stack of the device, and possibly an exploitable buffer overflow.