SOHO Routers Archives - Security Affairs

Pierluigi Paganini September 23, 2021

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root The flaw, tracked as CVE-2021-40847, […]

Pierluigi Paganini September 17, 2019

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Researchers discovered many flaws in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. Security experts have discovered multiple vulnerabilities in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices. The research is part of a project dubbed SOHOpelessly Broken 2.0 conducted Independent Security Evaluators (ISE). In […]

Pierluigi Paganini December 12, 2018

Novidade, a new Exploit Kit is targeting SOHO Routers

Security experts at Trend Micro have discovered a new exploit kit, dubbed Novidade (“novelty” in Portuguese), that is targeting SOHO routers to compromise the devices connected to the network equipment. The Novidade exploit kit leverages cross-site request forgery (CSRF) to change the Domain Name System (DNS) settings of SOHO routers and redirect traffic from the connected […]

Pierluigi Paganini November 20, 2018

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

TP-Link has addressed several vulnerabilities, including a remote code execution flaw, in its TL-R600VPN small and home office (SOHO) router. TP-Link as fixed four security vulnerabilities in the TL-R600VPN small and home office (SOHO) router that were reported by experts at Cisco Talos. The vulnerabilities are two remote code execution (RCE) flaws(CVE-2018-3950, CVE-2018-3951), a denial-of-service issue (CVE-2018-3948), and a server information disclosure bug (CVE-2018-394). The DOS and server information […]

Pierluigi Paganini May 13, 2015

Mass-Scale Abuse of poorly configured SOHO Routers

Several dozen Imperva Incapsula customers were targeted by a DDoS botnet comprised of tens of thousands of hijacked SOHO routers. Security experts at Incapsula firm spotted a DDoS botnet composed of tens of thousands of malware-infected Small Office / Home Office SOHO routers engaged in application layer HTTP flood attacks. The SOHO routers were infected with a strain […]

Pierluigi Paganini November 05, 2014

Two Linksys routers running SMART Wi-Fi Firmware are still vulnerable to remote attacks

Two models of Linksys routers running SMART Wi-Fi Firmware remain vulnerable to a pair of vulnerabilities recently patched by the company. Linksys EA2700 and EA3500 are the two routers running Linksys SMART Wi-Fi firmware that are still affected by a couple of vulnerabilities recently patched in different models of the Belkin-owned networking gear. On October 31th, […]

Pierluigi Paganini October 24, 2014

NAT-PMP Protocol Vulnerability affects more than 1.2 Million SOHO devices

Security researchers at Rapid7 have discovered a serious NAT-PMP Protocol vulnerability that puts 1.2 Million SOHO routers at risk. Another serious security flaw is threatening more than 1.2 million SOHO Routers worldwide, the vulnerability is related to the “improper NAT-PMP protocol implementations and configuration flaws“, as explained by Jon Hart, a researcher at Rapid7. Hart explained the that […]

SOHO Routers

CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution

Experts found 125 new flaws in SOHO routers and NAS devices from multiple vendors

Novidade, a new Exploit Kit is targeting SOHO Routers

TP-Link fixes 2 Remote Code Execution flaws in TL-R600VPN SOHO Router and other issues

Mass-Scale Abuse of poorly configured SOHO Routers

Two Linksys routers running SMART Wi-Fi Firmware are still vulnerable to remote attacks

NAT-PMP Protocol Vulnerability affects more than 1.2 Million SOHO devices

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds AMI MegaRAC SPx, D-Link DIR-859 routers, and Fortinet FortiOS flaws to its Known Exploited Vulnerabilities catalog

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

QUICK LINKS

SOHO Routers

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!