According to a new report released by the infosec experts at Check Point Thursday morning, a new bug found in the guts of broadband routers around the globe could leave up to 12 million desktops, laptops, smartphones and tablets vulnerable to exploitation over the next six months.
The problem is the result of an error in HTTP cookie management that pops up whenever a user visits a webpage from their preferred device. This means that basically any device which uses the Internet through your home router is at risk, and marks one of the largest vulnerabilities discovered in the personal networking space to date.
Everything from D-Link to Huawei, Edimax, TP-Link, and ZTE routers are affected by the bug, many of which reside in some of the largest emerging low cost markets including China, India, and Russia.
“Attackers can send specially crafted HTTP cookies [to the gateway] that exploit the vulnerability to corrupt memory and alter the application and system state. This, in effect, can trick the attacked device to treat the current session with administrative privileges – to the misfortune of the device owner.”
The sheer magnitude of the number of available routers and ports that Misfortune Cookie can take advantage of is staggering, and proves that no matter how safe you think you are or how strong your firewall might be, there’s always going to be someone out there with the right set of tools designed to slip past when the big manufacturers finally let their guard down.
All told Check Point believes there are up to 200 affected models (all of which can be found listed in detail here), that will each need a full firmware flash in order to get running properly again.
A few of the models listed come with pre-built software designed to handle these types of threats, however they need to be manually activated, and customers will need to check their own equipment individually to find out if the option is available to them.
“We believe that devices exposing RomPager services with versions before 4.34 (and specifically 4.07) are vulnerable. Note that some vendor firmware updates may patch RomPager to fix Misfortune Cookie without changing the displayed version number, invalidating this as an indicator of vulnerability.”
For the time being, the one available workaround for the problem is to lock down your router’s public availability to ports on 80, 8080, 443, and 7547. That said, the researchers believe that a number of other connections could be affected, though they are still gathering early data sets that have yet to fully reveal the scope of how deep the Misfortune Cookie flaw really goes.
Check Point has petitioned RomPager to update AllegroSoft (though a proper release debuted in 2005, many major business and home networks have yet to install it for themselves). Until that happens, the researchers have warned that you should be explicitly aware of all the traffic coming to and from your routers, and more specifically, should be focusing closely on what ports are being used to transmit and receive information throughout the day.
