Routers are an essential part of any modern business which uses IT systems. But what happens when you’re working with a compromised router?
Routers are devices which help to connect different networks together. They receive data packets from one network, analyze the destination address, and then forward the data to the relevant destination network. Essentially, a router is used to facilitate communication between different devices and networks. The internet, of course, is crucial to directing this data and this makes routers highly attractive targets for threat actors.
Therefore, the discovery of a vulnerability within a router presents a significant threat to your cybersecurity. But, when there are five vulnerabilities within the same router, you have a disaster on your hands.
A Quick Guide to the 5 Vulnerabilities
Netgear has had to concede that their Netgear RAX30 routers have been exposed as lacking that seal of quality when it comes to security. A router, after all, is your gateway to the internet, the place where all your communication begins. If this is compromised, then a whole world of trouble is just waiting to take advantage. The five vulnerabilities picked up for the Netgear RAX30 routers are:
- CVE-2023-27357: this security flaw allows external attackers to identify and record sensitive information passing through Netgear RAX30 routers.
- CVE-2023-27368: an attacker can use this vulnerability to execute malicious code on the compromised routers. And, as user data is not being correctly validated by the Netgear RAX30 router, threat actors are able to avoid having to authenticate their access.
- CVE-2023-27369: much like the previous vulnerability, this specific flaw allows attackers to run malicious code, or indeed any code they like, on affected systems.
- CVE-2023-27370: unfortunately, for users of the Netgear RAX30 router, sensitive configuration data is stored in plaintext on the router. This allows attackers, who can easily bypass the authentication mechanisms, to steal system credentials with ease.
- CVE-2023-27367: the final vulnerability known to be affecting the Netgear RAX30 router is, again, one which allows attackers to exploit it and run malicious code through it.
With all five vulnerabilities scoring highly on the Common Vulnerability Scoring System (CVSS) – with three of them gaining a CVSS of 8 or above – Netgear has a big problem on their hands.
How Do You Safely Secure Your Router?
Netgear has been quick to address the five vulnerabilities, with an updated firmware version released on April 7, 2023. However, it’s important that you always make sure your router is as secure as possible. And you can do that by putting the following into action:
- Always change default login credentials: some routers are shipped with default login credentials, but this makes them incredibly easy to guess. In fact, many lists of default credentials can quickly be found online. Accordingly, make sure you always change your router’s login credentials before going online with it.
- Enable WPA2 encryption: Another way to protect your router is to enable WPA2 encryption. This will secure the wireless network and prevent unauthorized access. Make sure to use a strong encryption key and avoid using common words or phrases that can be easily guessed.
- Always update your router: regular firmware updates and patches ensure that your router remains as safe as possible. However, it’s crucial that you install these as soon as possible. Sometimes it can be time consuming to go through the update process, but it can save you major headaches further down the line.
For more ways to secure and optimize your business technology, contact your local IT professionals.
Read More