Home routers may be vulnerable to remote take-over
Security researchers have warned a design flaw in some home routers allows attackers to remotely control the devices by luring an attached computer to a rogue website running a malicious Flash program. The flaw concerns the uPnP setting.
The problem resides in Universal Plug and Play (uPnP), a feature built into most routers used for home networks so machines running games and instant messaging programs will work seamlessly with the devices. The researchers recommend that uPnP should be turned off, but warn that it may be turned on by default in some routers made by:
* Linksys
* Dlink
* SpeedTouch
By exposing an end user to a malicious Flash file lurking on a website, attackers can use UPnP to make significant modifications to the router. For example, it would be possible to change the router so that when you think you are looking at eBay or an online banking site, you are actually looking at a spoofed website waiting to steal your account details. Other possible uses would be to open ports on a router so that it could be used to relay spam and hide the true source of the spammer.
18th February 2008