French researcher finds gaping holes in security of DSL modems

http://www.flickr.com/photos/mapper-montag/517393048/

 Whilst several vulnerable backdoors in various DSL (broadband) modems were revealed by security researchers last year, would-be hackers required relatively unfettered direct IP access to the device to carry out an attack.

Now a French researcher has discovered a series of wireless flaws on DSL modems from Linksys, Netgear and other vendors, which effectively gives attackers administration level access by simply resetting the modem's configuration settings, so bypassing the firewall settings of the unit.

The vulnerability particularly affects public access WiFi services, SCMagazineUK.com notes, since these units are designed to allow password-less access to the unit across wireless channels, prior to logging in. This raises the spectre of a complete takeover of a public access WiFi hotspot and covert monitoring of all user IP traffic as a result.

Tags: