An estimated more than 12 million routers, among others, D-Link, Huawei, TP-Link, ZTE and Zyxel are to fall by in an http packet with a modified cookie file to send. The attack allows a hacker full access to the admin interface.
The bug, that Misfortune Cookie is called, it has been discovered by researchers from Check Point Software. The weavingfault is located in RomPager, an embedded web server which is in millions of routers and gateways. By a custom cookie in an http packet to a vulnerable device to send, it creates a memory error. This admin-rights given to each session, allowing an attacker a router or gateway is easy to reconfigure.
Check Point is called Misfortune Cookie is a serious vulnerability, partly due to the simplicity of the attack and because it is estimated that there surely 12 million devices are vulnerable by the bug in RomPager. Only through a firmware update from the manufacturer’s devices can be updated. In some cases, a service provider or manufacturer this procedure remotely, but there are also situations in which a user can manually update by flashing the firmware should run.
Until now, Check Point by means of a scan on various ports and vulnerable network devices, among others, D-Link, Huawei, TP-Link, ZTE and Zyxel are found in more than 200 different product types. The model numbers are in a pdf document.