Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

Security Features

Is Your Router One In A Million?You may have seen a Forbes article about the security exploit described in a Black Hat How to Hack Millions of Routers talk. But there is no need to panic.

Andy Greenberg's Forbes article does a nice job of raising the red flag about a security issue that may still be lurking in many old routers sitting out there in the cloud.

The exploit that will be described in Craig Heffner's Black Hat talk at the end of this month uses a DNS rebinding technique to redirect a web page to a vulnerable router's web-based administration interface.

It's important to note that the vulnerability being demonstrated in the talk is DNS rebinding. Routers just happen to be an attention-grabbing subject. As Heffner explained in this pfsense forum thread:

While my talk is focused on attacking routers, there is no exploit in any router per-se, and it is not necessarily restricted to attacking routers. The exploit is DNS rebinding, which circumvents the same-origin policy in a client's Web browser by exploiting the trust inherently placed in the DNS protocol.

Also note that the talk summary clearly states that this only provides access to the router's administrative interface; an attacker would still need to exploit the router or log in to it via default/weak credentials in order to do anything.

The Google Docs spreadsheet below containing the routers tested by Heffner shows relatively old routers that were vulnerable to the exploit (Successful = Yes). But of particular note is that DD-WRT V24 and OpenWRT Kamikaze r16206 are both vulnerable.

Whether or not your router is on the list, there is one simple way to lower your chances of being a victim of this exploit—change your router's admin password to a strong one.

If you're really into the subject, you might want to read an 2008 paper by Heffner and Derek Yap, Security Vulnerabilities in SOHO Routers. It describes the many vulnerabilities that still can be found in many routers.

More Stuff

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

View attachment 14790 ‚Äč Qualcomm announced today their first 60GHz Wi-Fi chipsets based on the 802.11ay-draft specification.QCA64x8 series (QCA6438 a...
Continuation of. . .https://www.snbforums.com/threads/custom-firmware-build-for-r7800-v-1-0-2-60sf.48805/New version of my custom firmware build: 1.0....
As in subject, all my 5GHz clients as shown as wired. ASUS RT-AC87U, running Merlin 384.7.The first two are wired, the rest 5GHz.Am I only having this...
@Martineau I really could use your expertise on solving this problem I have been working on for a while. Or anyone else who might know what I am missi...
Hello,I need to access my RT-AC68U in SSH. So I configured the router as follows:Enable SSH = LAN OnlyAllow SSH Port Forwarding = Yes (not sure this i...

Don't Miss These

  • 1
  • 2
  • 3