Misfortune Cookie crumbles router security: ’12 MILLION+’ in hijack risk
John Leyden reports:
Infosec biz Check Point says it has discovered a critical software vulnerability that allows hackers to hijack home and small business broadband routers across the web.
The commandeered boxes can be used to launch attacks on PCs and gadgets within their local networks.
More than 12 million low-end SOHO routers worldwide are affected by the bug, dubbed Misfortune Cookie, we’re told. At least 200 different models of devices from various manufacturers and brands are vulnerable, including kit from D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL.
Anything connected to the network – PCs, phones, tablets, printers, security cameras, refrigerators, or any other networked device – is at risk from attack within that LAN, if a vulnerable router is compromised.
Read more on The Register.