[SingCERT] Vulnerabilites in Routers (Updated)

Published on Wednesday, 25 February 2015 19:51

[ Update ] Aztech has released a new firmware to fix the reported vulnerability.

[ Background ]

It is reported that a few routers that may have been provided by Singapore ISPs are found to contain vulnerabilities or insecure configuration.

[ Affected Products ]

Products with vulnerabilities

  • Zhone zNID GPON 24xx, 24xxA, 42xx, 42xxA, 26xx and 28xx series (CVE-2014-8356, CVE-2014-8357, CVE-2014-9118)
  • Asus WL-330NUL

Insecure Configuration

  • Aztech FG7008GR(AC)

[ Recommendations ]
Users can mitigate the risks by

  • Disabling remote access to the router, such as remote web administration, ssh and telnet; and
  • Changing the router’s default administrator password
  • Users can contact their ISPs to check if they are affected and the measures they need to take

[ References ]