2 min read

UK ISP Had 6 Million Routers Vulnerable for a DNS Vulnerability for 18 Months

Silviu STAHIE

November 22, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
UK ISP Had 6 Million Routers Vulnerable for a DNS Vulnerability for 18 Months

Security researchers have revealed that around 6 million Sky routers have been affected by a DNS rebinding vulnerability that would have let attackers control any router in the past 18 months.

Internet service providers (ISP) often offer their own routers to people who subscribe to their services. The problem is that ISPs have to provide proper support for those routers, or customers might keep vulnerable devices in their network.

Routers are all the most important as they are usually home guardians as well, acting as gatekeepers to our kingdoms. A crack in that “wall” is much less than ideal. Whether the exploit has been used in the wild is unclear.

Sky’s routers have been affected until recently by a DNS rebinding vulnerability that could have allowed attackers to remotely take over devices, especially those still using the default credentials. People who connected to the Internet from behind one of those routers could have been tricked into clicking on a link that let remote attackers redirect DNS traffic and eventually take control.

From there, obtaining the Wi-Fi password, enabling DMZ servers, or simply forwarding ports would have been trivial, eventually giving an attacker a legitimate way to enter the network.

“With remote management enabled, the attacker could connect directly to the router’s web application and modify any settings, such as setup up a DMZ server or configure port forwarding, exposing the internal home network to the internet,” said the Pen Test Partners researchers.

“Affected models: Sky Hub 3, 3.5 and Booster 3 (ER110, ER115, EE120) Sky Hub 2 and booster 2 (SR102, SB601) Sky Hub (SR101). The Sky Hub 4 and Booster 4 (SR203, SE210) were also affected by the DNS rebinding vulnerability, however, every device comes with a random administrator password, limiting the ease of attack as the password must be brute forced,” they added.

While it’s not uncommon to find vulnerabilities in routers, taking 18 months to fix the issue is not ordinary. The researchers initially provided Sky with the regular 90 days window and extended way past that mark when the pandemic hit.

The initial report came on May 11, 2020, but the ISP managed to cover 50% of the user base with a patch by May 2021. The latest messages from the company said that they managed to update 99% of the routers, 18 months later, in October 2021.

tags


Author



Right now

Top posts

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

Abode IoT Security Camera Vulnerabilities Would Let Attackers Insert Images, Bitdefender Finds

December 21, 2021

2 min read
Online Shoppers Beware, Mobile Scams Are on the Rise

Online Shoppers Beware, Mobile Scams Are on the Rise

December 17, 2021

2 min read
The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Top Five Security Tips for Mac Users in 2022 Top Five Security Tips for Mac Users in 2022
Filip TRUȚĂ

January 19, 2022

4 min read
Safari browser bug can expose your browsing history, affects all platforms Safari browser bug can expose your browsing history, affects all platforms
Radu CRAHMALIUC

January 18, 2022

1 min read
Warning! Fake Nintendo Websites Try to Dupe You into Buying ‘Discounted’ Switch Warning! Fake Nintendo Websites Try to Dupe You into Buying ‘Discounted’ Switch
Filip TRUȚĂ

January 18, 2022

1 min read