Categories: SecurityWorkspace

Thousands Of Network Devices Open To Password Theft

Hundreds of thousands of network machines are open to attacks that could leak their usernames and passwords, thanks to vulnerabilities in a much-used protocol.

The flaws reside in the read only community string “public” in the Simple Network Management Protocol (SNMP), used for configuring systems connected to the network. An attacker could “easily” get credentials for the affected machines, Rapid7 researchers said.

SNMP protocol flawed

They said Brocade’s ServerIron load balancer was vulnerable, claiming it would be trivial for hackers to get hold of sensitive information from the devices. “Unless SNMP is disabled, or the public community string is changed, an attacker can easily extract the passwords hashes for an offline brute force attack,” the researchers added in a blog post.

Rapid7 also singled out a number of vulnerable routers and modems: the Ambit U10C019 and Ubee DDW3611 series of cable modems, and the Netopia 3347 series of DSL modems.

In those cases, if the default settings were left alone, the devices were not vulnerable. Yet certain providers enable SNMP with the weakness left open.

Using the device search engine, Shodan, the researchers said there were 229,409 Ambit and 224,544 Netopia machines exposed to the internet.

“While it can certainly be argued that information disclosure vulnerabilities are simple to resolve and largely the result of poor system configuration and deployment practices, the fact remains that these issues can be exploited to gain access to sensitive information. In practice, the low-hanging fruit are often picked first,” the researchers added.

“The tested modems are currently end-of-life, which means that the chances of firmware updates to address these insecure defaults are quite unlikely to be released. Of course, just because something is end-of-life doesn’t mean it disappears from the Internet – causal Shodan browsing attests to that.

“Further, we cannot know if these configurations persist in current, supported offerings from the vendors, but you might want to check yours.”

The three vendors were notified in February. At the time of publication, none had responded to requests for comment.

What do you know about Internet security? Find out with our quiz!

Thomas Brewster

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

12 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

15 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

16 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

17 hours ago