[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ASUS RT Series Routers FTP Service - Default anonymous access
- To: bugtraq <bugtraq@xxxxxxxxxxxxxxxxx>
- Subject: Re: ASUS RT Series Routers FTP Service - Default anonymous access
- From: kyle Lovett <krlovett@xxxxxxxxx>
- Date: Wed, 12 Feb 2014 16:34:34 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=hNGmIP2tzGO+hz6gu2JoKCg4eX1h6QSBb0ZMwhvZej0=; b=tyDqxfbtGOGptCxSFvxb8KB00CuZMVPaCexMhFz2j9jJvWDXVaNkjjtKqNpkZplsDG EjTgZ41EYNhF0W3mD50lfCamDyPwuqn0Icx7plQgsfEDrO8JNwfnjJPh6hwR2S6wcLX9 1xw8CORrBz7lTwzvABc5PWl5i7M2oQvsxPqO+WinEO9BoIchfz34II9z9pGMpD7evPAt D/iBbZKXvopO2ToUSge79IILexhTVZYncEploM7cEjnFIogCLYSlgrRA+40Ppp67dQ4x i23QY3oDH71VY+XcVnVTPVzHAl3c5PG6X3By2I2bYvTiApAU0lvjp8YPBe+IhcLvTRy/ SOIA==
- In-reply-to: <CAD-LzdQFACVwiXCFenpL2fdVocN-OywP03AQ6o1m=57O9fJJxQ@mail.gmail.com>
- List-help: <mailto:email@example.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:firstname.lastname@example.org>
- List-subscribe: <mailto:email@example.com>
- List-unsubscribe: <mailto:firstname.lastname@example.org>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
- References: <CAD-LzdQFACVwiXCFenpL2fdVocN-OywP03AQ6o1m=57O9fJJxQ@mail.gmail.com>
Correction: I meant to say 2013, not 2012. I apologize for the error.
On Wed, Feb 12, 2014 at 4:29 PM, kyle Lovett <krlovett@xxxxxxxxx> wrote:
> Five ASUS RT series routers suffer from a vendor vulnerability that
> default FTP service to anonymous access, full read/write permissions.
> The service, which is activated from the administrative console does
> not give proper instructions nor indications that the end user needs
> to manually add a user to the FTP access table.
> The vendor was first alerted to this issue in late June of 2012, and
> then four other times officially from July 2012 to December 2012. It
> was not until January of this year, when the editors for the Norwegian
> publication IDG/PC World went to ASUS that any official response came.
> This vulnerability has been exploited aggressively for sometime now,
> and as a rolling count which has been kept ongoing since July 2012,
> over 30,000 unique IP address, at one time or another have had their
> FTP service shared.
> The FTP services, when not secured, allows for full read/write access
> to any external storage devices attached to the usb drives on the
> The vendor has issued an official (beta) patch for the RT-AC68U as of
> mid-January, and plans on additional patches in the coming week.
> Models Include:
> CWE-287: Improper Authentication
> CVSS v2 Vector (AV:N/AC:L/Au:N/C:C/I:C/A:N/E:H/RL:OF/RC:C)
> CVSS Base Score 9.4
> Impact Subscore 9.2
> Exploitability Subscore 10
> CVSS Temporal Score 8.2
> Overall CVSS Score 8.2
> Many have reported malware being uploaded into the sync share folders,
> large amounts of unauthorized file sharing and most importantly the
> theft of entire hard drives of personal information. Over 7,300 units
> are still vulnerable to this weakness as of today.
> It is strongly urged that those with any of the above routers check to
> ensure that their FTP service has been secured.
> Research Contact - Kyle Lovett
> Discovered - June, 2012