ESET tests show that vulnerabilities in software and weak passwords are common in home routers.
ESET, Home Network Protection, is included in the BETA series of ESET Internet Security's leading ESET Smart Security Premium releases. Thanks to this feature, users can scan household routers for vulnerabilities, malware, exploitable network services, and weak passwords.
Since its first release in April, ESET has tried more than 12.000 router users who agreed to share their data anonymously with ESET for statistical purposes.
The analysis shows that almost 7% of the routers that participated in the tests displayed high or moderate vulnerabilities in the software. Scanning of the doors revealed that in many cases the network services were accessible on both internal and external networks.
"In particular, unsecured services such as Telnet should not be left open, not even on a local network, which has been observed - unfortunately - in more than 20% of cases on routers participating in the tests."Says Peter Stančík, ESET Security Evangelist.
The results also show that the 15% of routers tested use weak passwords, with the word "admin" remaining as the username in most cases.
"During testing, we tried with common usernames and passwords used as default as well as some frequently used combinations. It is disturbing that in these simple simulations of attacks, more than one in seven was successful, "comments Stančík.
Most of the software vulnerabilities - just over 50% - that were discovered during the ESET Home Network Protection tests were unauthorized access vulnerabilities.
The second most common vulnerability (40%) found in ESET Home Network Protection trials was a command injection vulnerability. This aims to execute arbitrary commands in the operating system through a vulnerable application.
Almost 10% of all software vulnerabilities found were so-called cross-site scripting (XSS) vulnerabilities that allow attackers to modify router settings so they can run a fake command set.
"The results collected by the ESET Home Network Protection during the test BETA of its security solutions ESET clearly show that routers can be attacked quite easily by exploiting one of the vulnerabilities they encounter often. This makes them the Achilles heel of overall Internet security for households and small businesses, adds Stančík.
In addition to router scanning and control for common vulnerabilities, ESET Home Network Protection also offers an easily accessible inspection of devices that are connected to a local network, categorizing them based on the type and time of connection. This helps ESET users control how secure their networks are.