- The set of newly discovered vulnerabilities affects devices offered by vendors like Belkin, TP-Link, Asus, and Linksys.
- A total of 125 vulnerabilities have identified across 13 wireless routers and NAS devices.
As the Internet-connected devices become smarter and efficient, the potential attack surface for cyberattackers increases. A group of researchers has uncovered that the number of vulnerabilities has increased by two times as compared to five years earlier.
What does the finding say?
In 2013, research firm Independent Security Evaluators (ISE) had published a study about the vulnerabilities across 13 SOHO wireless routers and NAS devices. The study ‘SOHOplessly Broken 1.0 had revealed that these devices offered by vendors like Belkin, TP-Link, Asus, and Linksys were affected by a total of 52 vulnerabilities.
However, in a follow-up study, the ISE has examined that the same number of devices are now affected by a total of 125 vulnerabilities.
“We focused on these types of devices because of their security implications to networks and because we wanted to see what improvements, if any, had been made to the security performance of these devices since our prior research efforts,” highlighted the researchers in a blog post.
“Despite the increased attention to security claimed by device manufacturers, these IoT devices do not have sufficient security controls to prevent remote exploitation,” researchers added.
What are the vulnerabilities?
All 13 of the devices were evaluated to have at least one web application vulnerability such as cross-site scripting (XSS), operating system command injection (OS CMDi), or SQL injection (SQLi). These vulnerabilities could be leveraged by an attacker to get remote access to the device’s shell or gain access to the device’s administrative panel.
"Our results show that businesses and homes are still vulnerable to exploits that can result in significant damage. These issues are completely unacceptable in any current web application. Today, security professionals and developers have the tools to detect and fix most of these types of issues that we found, exploited, and disclosed six years ago. Our research shows that they are still regularly found in IoT devices,” said ISE researcher Rick Ramgattie, ZDNet reported.
What are the affected devices?
The devices included for the study in ‘SOHOplessly Broken 2.0’ were:
- Buffalo TeraStation TS5600D1206 (firmware version 3.61-0.08);
- Synology DS218j (firmware version 6.1.5);
- TerraMaster F2-420 (firmware version 3.1.03);
- Zyxel NSA325 v2 (firmware version 4.81);
- Drobo 5N2(firmware version 4.0.5-13.28.96115);
- Asustor AS-602T (firmware version 3.1.1);
- Seagate STCR3000101 (firware version 18.104.22.168);
- QNAP TS-870 (4.3.4.0486);
- Lenovo ix4-300d(4.1.402.34662);
- ASUS RT-AC3200 (22.214.171.124.382.50010);
- Netgear Nightawk R900 (126.96.36.199);
- TOTOLINK A3002RU (1.0.8);
- Xiaomi Mi Router 3 (2.22.15).
The research team has responsibly disclosed all of the vulnerabilities to the device manufacturers. Most vendors have acknowledged the issue and are working on addressing the vulnerabilities.