Security News

A denial-of-service vulnerability affecting SDKs for Realtek chipsets used in 65 vendors' IoT devices has been incorporated into a son-of-Mirai botnet, according to new research. Warning that the vuln had been included in Dark.IoT's botnet "Less than a week" after it was publicly disclosed, Radware said: "This vulnerability was recently disclosed by IoT Inspectors Research Lab on August 16th and impacts IoT devices manufactured by 65 vendors relying on the Realtek chipsets and SDK.".

A critical vulnerability in Cisco Small Business Routers will not be patched by the networking equipment giant, since the devices reached end-of-life in 2019. "The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process. Customers are encouraged to migrate to the Cisco Small Business RV132W, RV160, or RV160W Routers."

A critical security vulnerability in Cisco Small Business Routers allows remote code execution and denial of service. The bug is one of six addressed by Cisco this week; it also issued an advisory for the critical BlackBerry QNX-2021-001 vulnerability unveiled earlier this week, which affects multiple vendors, well beyond Cisco.

In a security advisory published on Wednesday, Cisco said that a critical vulnerability in Universal Plug-and-Play service of multiple small business VPN routers will not be patched because the devices have reached end-of-life. "The Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers have entered the end-of-life process."

Gryphon Online Safety announced the launch of their newest product, the Gryphon AX. The Gryphon AX features the same comprehensive parental controls, next-generation firewall, and powerful mesh Wi-Fi as previous products, with the additional features of next-generation Wi-Fi 6 technology. The incorporation of Wi-Fi 6 has resulted in Gryphon's fastest router yet, with a 40% increase in Wi-Fi speed.

Taiwanese chip designer Realtek has warned of four vulnerabilities in three SDKs accompanying its Wi-Fi modules, which are used in almost 200 products made by more than five dozen vendors. Security firm IoT Inspector, based in Bad Homburg, Germany, disclosed the vulnerabilities to Realtek in May, and said more than 65 hardware makers' products incorporate the Realtek RTL819xD module, which implements wireless access point functions and includes one of the vulnerable SDKs. "By exploiting these vulnerabilities, remote unauthenticated attackers can fully compromise the target device and execute arbitrary code with the highest level of privilege," the biz said in its advisory, estimating - conservatively, we think - that almost a million vulnerable devices may be in use, including VoIP and wireless routers, repeaters, IP cameras, and smart lighting controls.
![S3 Ep45: Routers attacked, hacking tool hacked, and betrayers betrayed [Podcast]](/static/build/img/news/s3-ep45-routers-attacked-hacking-tool-hacked-and-betrayers-betrayed-podcast-small.jpg)

PacketFabric announced that it has released native support of IPsec VPN tunnels as a connection type for its Cloud Router product. "The cloud is all about scale and flexibility. But traditional cloud connectivity hasn't delivered scalability or flexibility. You've had to backhaul traffic through data centers, wait an entire ice age for circuits to provision, rely on unpredictable Internet, or deal with inflexible long-term telco-style contracts," said PacketFabric Chief Technology Officer and Chief Product Officer Anna Claiborne.

Unidentified threat actors are actively exploiting a critical authentication bypass vulnerability to hijack home routers as part of an effort to co-opt them to a Mirai-variant botnet used for carrying out DDoS attacks, merely two days after its public disclosure. Tracked as CVE-2021-20090, the weakness concerns a path traversal vulnerability in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass authentication.

Unidentified threat actors are actively exploiting a critical authentication bypass vulnerability to hijack home routers as part of an effort to co-opt them to a Mirai-variant botnet used for carrying out DDoS attacks, merely two days after its public disclosure. Tracked as CVE-2021-20090, the weakness concerns a path traversal vulnerability in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass authentication.