ESET tests show that vulnerabilities in software and weak passwords are common in home routers.
A new mode παρουσίασε η ESET, το Home Network Protection, που συμπεριλαμβάνεται στην σειρά BETA εκδόσεων των κορυφαίων λύσεων της ESET Internet Security και ESET Smart Security Premium. Χάρη σε αυτή τη λειτουργία, οι χρήστες μπορούν να πραγματοποιούν σαρώσεις στους οικιακούς δρομολογητές για ευπάθειες, κακόβουλες ενδείξεις, υπηρεσίες δικτύου με δυνατότητα εκμετάλλευσης και αδύναμους κωδικούς πρόσβασης.
Since its first release in April, ESET has tried more than 12.000 router users who agreed to share their data anonymously with ESET for statistical purposes.
The analysis shows that almost 7% of the routers that participated in the tests displayed high or moderate vulnerabilities in the software. Scanning of the doors revealed that in many cases the network services were accessible on both internal and external networks.
"In particular, unsecured services such as Telnet should not be left open, not even on a local network, which has been observed - unfortunately - in more than 20% of cases on routers participating in the tests."Says Peter Stančík, ESET Security Evangelist.
The results also show that the 15% of routers tested use weak passwords, with the word "admin" remaining as the username in most cases.
“During testing, we tried common default usernames and passwords as well as some frequently used combinations. It is worrying that in these simple simulations attacks, more than one in seven was successful," comments Stančík.
Most of the software vulnerabilities - just over 50% - that were discovered during the ESET Home Network Protection tests were unauthorized access vulnerabilities.
The second most common vulnerability (40%) found in ESET Home Network Protection trials was a command injection vulnerability. This aims to execute arbitrary commands in the operating system through a vulnerable application.
Almost 10% of all software vulnerabilities found were so-called cross-site scripting (XSS) vulnerabilities that allow attackers to modify settings of the router so they can "run" a fake set of commands.
"The results collected by the ESET Home Network Protection during the test BETA of its security solutions ESET clearly show that routers can be attacked quite easily by exploiting one of the commonly encountered vulnerabilities. This makes them the Achilles heel of the overall better safetyon the Internet for Households and Small Businesses' adds Stančík.
In addition to router scanning and control for common vulnerabilities, ESET Home Network Protection also offers an easily accessible inspection of devices that are connected to a local network, categorizing them based on the type and time of connection. This helps ESET users control how secure their networks are.
