Categories: SecurityWorkspace

Thousands Of Network Devices Open To Password Theft

Hundreds of thousands of network machines are open to attacks that could leak their usernames and passwords, thanks to vulnerabilities in a much-used protocol.

The flaws reside in the read only community string “public” in the Simple Network Management Protocol (SNMP), used for configuring systems connected to the network. An attacker could “easily” get credentials for the affected machines, Rapid7 researchers said.

SNMP protocol flawed

They said Brocade’s ServerIron load balancer was vulnerable, claiming it would be trivial for hackers to get hold of sensitive information from the devices. “Unless SNMP is disabled, or the public community string is changed, an attacker can easily extract the passwords hashes for an offline brute force attack,” the researchers added in a blog post.

Rapid7 also singled out a number of vulnerable routers and modems: the Ambit U10C019 and Ubee DDW3611 series of cable modems, and the Netopia 3347 series of DSL modems.

In those cases, if the default settings were left alone, the devices were not vulnerable. Yet certain providers enable SNMP with the weakness left open.

Using the device search engine, Shodan, the researchers said there were 229,409 Ambit and 224,544 Netopia machines exposed to the internet.

“While it can certainly be argued that information disclosure vulnerabilities are simple to resolve and largely the result of poor system configuration and deployment practices, the fact remains that these issues can be exploited to gain access to sensitive information. In practice, the low-hanging fruit are often picked first,” the researchers added.

“The tested modems are currently end-of-life, which means that the chances of firmware updates to address these insecure defaults are quite unlikely to be released. Of course, just because something is end-of-life doesn’t mean it disappears from the Internet – causal Shodan browsing attests to that.

“Further, we cannot know if these configurations persist in current, supported offerings from the vendors, but you might want to check yours.”

The three vendors were notified in February. At the time of publication, none had responded to requests for comment.

What do you know about Internet security? Find out with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago