Security holes could let hackers into home broadband rotuers made by Cisco, Linksys, Netgear and other popular manufacturers.
Flaws have been found in routers by manufacturers such as Cisco, Linksys, Netgear, Diamond, LevelOne and OpenWAG that would enable hackers to remotely reset the router to default settings without the need for an admin password.
According to a post on Hacker News, the common link between the routers is that Sercomm manufactured them under contract.
The flaw was unearthed by security researcher Eloi Vanderbeken. He published a hack on Github that would reset devices back to their factory settings that would allow easy remote access to the routers.
Vanderbeken found the flaw when trying to access a Linksys WAG200G router he had forgotten the password for. The router was listening on port 32764, which is an undocumented service.
By reverse engineering the code, the researcher managed to find a way to send commands to the router without having to authenticate himself as an administrator. Using this code allowed him full access to the router, in which time he had reset the router’s password and access the admin console.
Since his initial findings on the WAG 200G, the researcher has also confirmed that versions of the Cisco WAP4410N-E, Linksys WAG120N, Netgear DG834B, Netgear DGN2000 and Open WAG200 also have backdoors and are vulnerable to remote attack.