Vulnerability "Doom Cookie" was found to affect TP, Huawei and other tens of thousands of routes

Source: Internet
Author: User
Keywords Huawei program Ape Lei Feng Net
Tags .mall .net business check check point company control cookie

Vulnerabilities in routers have become frequent in recent years, and routing vendors are often pointed out that there is a security problem with the equipment in store.

Last night, security research company Check Point claimed to have found a significant routing vulnerability that could allow attackers to control home and small business routers, and route to an intranet device. Check Point says the vulnerability affects at least 12 million routes produced by more than 20 routing vendors, including TP, Link, Huawei and other well-known vendors.

Given the breadth of the device that is affected by the vulnerability, this may be the most recent security issue that the router has been affected by, and Check Point is named "Doom Cookie" (misfortune cookie) and is online with a "Misfortune Cookie" special page to explain it.

What is a bad luck cookie?

Most of the router system is based on Linux customization, it has a number of services, components, such as ADSL dial-up, DHCP services. This doom cookie is found on a Rompager component that provides Web server services, developed by Allegro Software, a foreign company.

Allegro software, in response to Re/code, said the curse was a bug 12 years ago and was repaired 9 years ago. But many of Allegro's customers did not update the patch, a company with more than 300 customers who did not force these customers to use the latest (patched) versions.

By the way, Rompager components are used extensively on domestic routes and are often exposed to vulnerabilities, and TP and Huawei have been affected by several routes.

Is this loophole believable?

Credibility is high, because Rompager is really a lot of problems.

But the check point, which publishes the vulnerability, is mixed with a lot of marketing factors. Reddit said that although check point quickly released the vulnerable page, but this page did not write any details, but stressed that the use of Check Point firewall can be very good protection, it looks like a marketing advertisement.

In addition, Check point disclosure of the vulnerability code cve-2014-9222 also has not been approved by the U.S. National Information Security vulnerability platform, which looks very strange, like a book without books and periodicals issued, on the Reddit have suspected Check point people @jifatal Response, said the vulnerability platform will take some time to open.

How to protect?

1, change the router, this PDF has all the affected routing model;

2, close the route, gateway open ports, such as 80, 8080, 443, 7547, etc.;

3, waiting for the routing manufacturer's security update.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.