Security researcher Kyle Lovett recently uncovered a vulnerability in DSL routers that leaves customers open to cyber-attacks. Over 700,000 of these routers around the world, mostly supplied by internet service providers (ISPs), contain a configuration flaw in a firmware component that gives hackers access to sensitive information.
Usernames and passwords, client and server credentials, and administrative credentials are just a few of the data points at risk. With this information, hackers can change a router’s domain name system which they could then use to redirect users to illegitimate servers.
The affected device models include:
- ZTE H108N and H108NV2.1;
- D-Link 2750E, 2730U and 2730E;
- Sitecom WLM-3600, WLR-6100 and WLR-4100;
- FiberHome HG110;
- Planet ADN-4101;
- Digisol DG-BG4011N; and,
- Observa Telecom BHS_RTA_R1A.
If you are using one of the above router models at home or at work, it is recommended that you do an internet search of the model name and number to find the most recent software update or patch, if available. By exploiting this vulnerability, hackers can potentially see your internet traffic, leading them to sensitive company information.
For more information on how to increase your information security efforts, visit the Cyber Threats section of your portal or contact your Client Services representative.
Marlia Fontaine-Weisse is the Content Manager for Preparis.