Sign up to our newsletter
ESET has tested more than 12,000 home routers of users who agreed to share their data anonymously for statistical purposes.
The results prove that 15% of the tested routers used weak passwords, with “admin” left as the username in most cases.
During the test, common default usernames and passwords, as well as some frequently used combinations, were tested. It’s disturbing that more than one in seven of such simple simulated attacks was successful.
The analysis also revealed that approximately 7% of the routers tested show vulnerabilities of high or medium severity.
Most of the software vulnerabilities – slightly over 50% – that were discovered during testing by ESET, were bad access rights vulnerabilities.
The second most frequent vulnerability (40%) discovered was a command injection vulnerability. Command injection aims for the execution of arbitrary commands on the host operating system via a vulnerable application, largely with insufficient input validation.
Nearly 10% of all the software vulnerabilities found were so called cross-site scripting (XSS) vulnerabilities that enable attackers to modify router configuration in order to be able to run a forged client-side script.
Furthermore, port scanning revealed that in many cases network services were accessible from internal as well as from external networks.
In particular, unsecured services such as Telnet shouldn’t be left open, not even to local network, which was – unfortunately – the case on more than 20% of the tested routers.
The results clearly show that routers can be attacked fairly easily, by exploiting one of the frequently found vulnerabilities. This makes them an Achilles heel in the overall internet security of households, as well as small businesses.
Unfortunately, this has also proven to be true during a recent case ESET researchers analyzed. More on this specific campaign will be published later this week.
Users should make sure that they use strong passwords to protect their home routers, as well as using the latest firmware. Regular scans using security solutions might reveal other router vulnerabilities, malicious configurations and/or exploitable network services, as well as offer advice on how to resolve them.
Author Peter Stancik, ESET