ESET tests show that vulnerabilities in software and weak passwords are common in home routers.
ESET has introduced a new function, Home Network Protection, which is included in the series of BETA versions of the top solutions of ESET Internet Security and ESET Smart Security Premium. Thanks to this feature, users can scan their home routers for vulnerabilities, malicious clues, exploitable network services and weak passwords.
Since its first release in April, ESET has tried more than 12.000 router users who agreed to share their data anonymously with ESET for statistical purposes.
The analysis shows that almost 7% of the routers that participated in the tests displayed high or moderate vulnerabilities in the software. Scanning of the doors revealed that in many cases the network services were accessible on both internal and external networks.
"In particular, unsecured services such as Telnet should not be left open, not even on a local network, which has been observed - unfortunately - in more than 20% of cases on routers participating in the tests."Says Peter Stančík, ESET Security Evangelist.
The results also show that the 15% of routers tested use weak passwords, with the word "admin" remaining as the username in most cases.
"During testing, we tried with common usernames and passwords used as default as well as some frequently used combinations. It is disturbing that in these simple simulations of attacks, more than one in seven was successful, "comments Stančík.
Most of the software vulnerabilities - just over 50% - that were discovered during the ESET Home Network Protection tests were unauthorized access vulnerabilities.
The second most common vulnerability (40%) discovered by testing with ESET Home Network Protection was a command type vulnerability injection. This particular one is aimed at implementation αυθαίρετων εντολών στο λειτουργικό system through a vulnerable application.
Almost 10% of all software vulnerabilities found were so-called cross-site scripting (XSS) vulnerabilities that allow attackers to modify router settings so they can run a fake command set.
"The results collected by the ESET Home Network Protection during the test BETA of its security solutions ESET clearly show that routers can be attacked quite easily by exploiting one of the vulnerabilities they encounter often. This makes them the Achilles heel of overall Internet security for households and small businesses, adds Stančík.
Along with being able to scan routers and check for common vulnerable points, ESET Home Network Protection also offers an easily accessible inspection of devices connected to a local network, categorizing them by connection type and time. This helps ESET users check how secure their networks really are.
