Small office/home office (SOHO) routers are a staple networking appliance for
millions of consumers. They are often the single point of ingress and egress
for a SOHO network, and they manage domain name resolution, firewall protections,
dynamic addressing, wireless connectivity, and, of course, routing. Their
heavy use in the consumer market and their target demographic of users who are
not computer-savvy have, unsurprisingly, led to very easy-to-use, nearly turnkey
solutions. As they've developed over the past decade, more and more features
have been added to these devices, placing each router one step above its
previous iteration and the competition, or so one would believe. Through
our research, we discovered 55 previously unpublished security
vulnerabilities in SOHO devices that demonstrate how the rich service and
feature sets (e.g., SMB, NetBIOS, HTTP(S), FTP, UPnP, Telnet, etc.)
implemented in these routers come at a significant cost to security. The
incorporation of additional services within these SOHO routers exposes attack
surfaces that a malicious adversary can leverage to compromise the router
core and gain a foothold in the victim network.