Chinese Manufactured Routers Have Backdoor

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

A line of routers from a China-based manufacturer has a serious flaw that could allow a hacker to monitor someone’s Internet traffic, according to research from Trend Micro.

The routers are sold under the Netcore brand name in China and Netis outside of the country, wrote Tim Yeh a threat researcher.

The Netcore and Netis routers have an open UDP port listening at port 53413, which can be accessed from the Internet. The password needed to open up this backdoor is hardcoded into the router’s firmware.

Using the backdoor, hackers could upload or download hostile code and even modify the settings on vulnerable routers in order to to monitor a person’s Internet traffic as part of a so-called man-in-the-middle (MitM) attack.

By attempting MitM attack, a potential attacker could intercept users’ internet communication, steal sensitive information and even hijack sessions.
The researchers scanned the Internet and had indicated that millions of devices worldwide are potentially vulnerable.

The researcher wrote:
“Using ZMap to scan vulnerable routers, we found more than two million IP addresses with the open UDP port,” Yeh wrote in a blog post. “Almost all of these routers are in China, with much smaller numbers in other countries, including but not limited to South Korea, Taiwan, Israel, and the United States.”

Exploiting this flaw is not too difficult, as a simple port scan can reveal the open UDP ports to anyone using such an online tool.

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]