<< SQL Server 2008 SP1 erschienen | ORM Performance >>

Routers vulnerable to CSRF attacks

by fkollmann 4/9/2009 10:48:20 AM

The German website TecChannel successfully hacked some routers using Cross Site Request Forgery. The attackers use open sessions to the router web interface and change the routers configuration by directly POSTing to its web interface.

There is a simple rule to avoid this: Whenever you change the settings of your router (using the web interface of course) make sure all other tabs and windows (of the same browser: IE, FF, etc.) are CLOSED! After reconfiguration, LOGOUT of the router’s web interface!

ARTICLE (German)

Worm attacking RoutersThere is new worm which specifically attacks your router on the local network. MAKE SURE YOU USE A S...D-Link integrates CAPTCHATerry Walsh from WGS posted that D-Link added CAPTCHA into the web interfaces of their routers to pr...Router Control v1.2 CTP1 releasedIn the last days I realized that there would have to be some deep changes on the user experience to ...

Comments

4/9/2009 11:00:21 AM

Pingback from realrumors.net

Routers vulnerable to CSRF attacks | Real Rumors

realrumors.net

Felix Kollmann - flx. v2.1

Routers vulnerable to CSRF attacks

Search

Recent posts

Recent comments

Archive

Categories