Last week, researchers at vpnMentor disclosed details of—an authentication bypass (CVE-2018-10561) too a root-remote code execution vulnerability (CVE-2018-10562)—in many models of Gigabit-capable Passive Optical Network (GPON) routers manufacturer past times South Korea-based DASAN Zhone Solutions.
If exploited, the start vulnerability lets an assailant easily bypass the login authentication page simply past times appending ?images/ to the URL inwards the browser's address bar.
However, when coupled alongside the instant flaw that allows command injection, unauthenticated attackers tin remotely execute malicious commands on the affected device too modified DNS settings, eventually allowing them to direct hold amount command of the device remotely.
Shortly afterward the details of the vulnerabilities went public, safety researchers at Chinese information technology safety theatre Qihoo 360 Netlab establish that threat actors direct hold started exploiting both the flaws to add together the vulnerable routers into their botnet malware networks.
The researchers fifty-fifty published a video demonstration showing how the laid on works.
Here's How to Secure Your GPON Wi-Fi Router
What's worse? At the fourth dimension of writing, almost a i yard 1000 vulnerable GPON routers are however exposed on the Internet too tin endure easily hijacked.
However, fifty-fifty if in that place is no official piece available, users tin protect their devices past times disabling remote direction too using a firewall to forbid exterior access from earth Internet.
Making these changes to your vulnerable router would limit access to the local network only, inside the hit of your Wi-Fi network, effectively reducing the laid on surface past times eliminating remote attackers.
If you lot are unsure most these settings, vpnMentor has done this project for you lot past times providing an online "user-friendly" solution that automatically modifies your router settings on your behalf, keeping you lot away from remote attacks.
"It was created to assist mitigate the vulnerabilities until an official piece is released," the researchers said. "This tool disables the spider web server inwards a agency that is non tardily to reverse, it tin endure done alongside or thus other piece script, but if you lot are non comfortable alongside the command business nosotros propose firewalling your device until an official piece is released."To purpose this tool, all you lot demand opened upwards this web page, too scroll downwards to the input shape bespeak for the IP address of your exposed GPON router (local LAN address, non WAN), a novel password for SSH/Telnet on your router.
In a dissever tab opened upwards your router's spider web interface using https inwards the URL too and thus press "Run Patch" on the vpnMentor to transcend away along too apply changes.
You tin apply the piece to secure your devices, but it should endure noted that it is non an official piece from the manufacturer too nosotros produce non encourage users to run whatever third-party scripts or patches on their devices.
So, users should either expect for official fixes or apply changes manually, when possible.
