Security researchers from Trustwave revealed that certain models of ASUS routers are vulnerable to malicious attacks. The bugs in the routers are related to its firmware update process. In a security advisory, the researchers stated that they found security vulnerabilities in the ASUS RT-AC1900P router model of version 18.104.22.168.385_10000-gd8ccd3c. The two vulnerabilities, dubbed CVE-2020-15498 and CVE-2020-15499, in the routers’ firmware could have allowed attackers to perform malicious attacks.
Trustwave researchers said the vulnerability CVE-2020-15498 allows the router to accept forged server certificates for the firmware update. This enables cybercriminals to launch a man-in-the-middle attack (MITM) using no-check-certificate option passed to the wget tool and later download firmware update files on the router by connecting the device to a malicious network. The vulnerability CVE-2020-15499 shows the firmware release notes dialog in the router management web interface, which is susceptible to cross-site scripting.
Trustwave recommended users to immediately upgrade the router’s firmware to version 22.214.171.124.385_20253 or the latest stable release to avoid any malicious intrusions.
Target on Home Routers
Recently, cybersecurity solutions provider Trend Micro warned users about a new wave of attacks targeting home routers. In its research report “Worm War: The Botnet Battle for IoT Territory,” Trend Micro revealed that cybercriminals are using home routers to build botnets. The research found a surge in cyberattacks by exploiting routers, particularly in Q4 2019. Attackers made brute force log-in attempts against routers by using automated software to try common password combinations. The number of attacks increased from around 23 million in September to nearly 249 million attacks in December 2019. In March 2020, around 194 million brute force login attacks were reported.