Together with Chip, the IoT Inspector company has examined the firmware of nine popular WLAN routers for the software versions they contain and the associated potential security gaps – and identified 226 possible vulnerabilities in the process. The manufacturers of the popular router models are partially improving them with updated firmware.
Updates for affected devices
The following devices were examined: Asus ROG Rapture GT-AX11000, AVM Fritzbox 7530 AX and 7590 AX, D-Link DIR-X5460, Edimax BR-6473AX, Linksys Velop MR9600, Netgear Nighthawk AX12, Synology RT-2600ac and TP Link Archer AX6000. The testers found weak points in every device; measured by their number, the two Fritz boxes performed best.
Updated firmware is now available from the respective manufacturer for each router model tested, explains IoT Inspector. Users should download these updates if necessary and apply them promptly. It is advisable to activate the automatic update of the WLAN router at the same time, if this has not already been done.
The danger emanating from the problems found can only be assessed to a limited extent because the automated, static analysis of the firmware files used only provides indications of possible weak points. For example, it recognizes the software version used on a web server running on the router. It can then assign known vulnerabilities to the recognized version number.
Not every find is really critical
However, it is not possible to find out whether a manually patched packet is running on the router or someone can access the software without login data, i.e. whether the vulnerability actually exists and can be exploited. For example, the test finds three security holes in a Fritzbox 7530 AX and rates them as “high risk”. However, it is by no means clear whether this poses a specific risk at all in this deployment scenario. An analysis of whether and how this loophole could be exploited apparently did not take place.
It is therefore conceivable that the gaps occur in parts of the system that are not used at all or are not accessible to attackers. Of course, AVM would still do well to eliminate them; However, it is not yet possible to reliably deduce from this data whether there is actually a reason for an alarm. However, such an investigation will definitely provide clues for a further safety check on the part of the manufacturer.
Security researchers repeatedly identify such weak points in routers due to vulnerable software versions or permanently stored passwords. Around a year and a half ago, the Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE) was able to use automated analyzes to track down various problems in the firmware images of 127 routers that were current at the time. Even then, the AVM routers performed best and had the fewest potential security gaps.
(dmk)
