INFRA
New research released by the reviews site TheBestVPN claims that vulnerabilities in routers from Netgear Inc., D-Link Corp. and ZTE Corp. could result in “a complete takeover of your router.”
Reported today by TechRadar with limited details, the vulnerabilities initially appear to be exploited through a malicious web page or link that injects a malicious script, allowing a hacker to intercept personal information.
Routers at risk named by the research include the Netgear DGN2200 and DGN2200M, D-Link DIR-300 and ZTE F660, but other models could also be affected.
Craig Young, computer security researcher for Tripwire Inc.’s Vulnerability and Exposure Research Team, told SiliconANGLE that despite the lack of details, it appears that the vulnerability involves “multiple cross-site request forgery or CSRF attacks leading to code execution.”
“The premise of CSRF is that an attacker can trigger a victim’s web browser to make HTTP requests to another website without the target site recognizing that the request was forged,” Young explained. “In this case, the targeted web site would most likely be the web page for controlling router settings, but it could also be a server used for media streaming or file sharing. In most cases, a CSRF attack requires that the victim is logged into the vulnerable website, but routers often have vulnerabilities which can be triggered by unauthenticated HTTP requests.”
Moreover, Young said, a quick Google search indicates that the routers are all older devices, raising doubts about whether security fixes will be made available.
“For a successful CSRF attack, the attacker needs to locate the victim’s router to relay an attack,” he said. “An advanced user can thwart unsophisticated attempts to exploit these bugs by simply using a less common router address like 10.9.8.7 instead of 192.168.0.1. A more complete fix, however, would be to actively disable the HTTP management interface of the router so that it cannot be attacked.”
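The check that a CSRF-vulnerable settings page fails to make, sketched as an added example (not code from the research, from Tripwire or from any router vendor): a handler that refuses state-changing requests lacking a session, a same-site Origin/Referer and a per-session token. All function names, the key, the session ID and the sample requests are constructed for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}  # these must never change settings


def issue_token(session_id, key):
    """Per-session anti-CSRF token, embedded in every settings form."""
    return hmac.new(key, session_id.encode(), hashlib.sha256).hexdigest()


def reject_reason(method, headers, form, session_id, key, own_hosts):
    """Return why a request must be refused, or None if it may proceed."""
    if method.upper() in SAFE_METHODS:
        return None
    # Unauthenticated state changes are refused outright.
    if session_id is None:
        return "no authenticated session"
    # A forged request is sent from another site, so its Origin/Referer
    # names that site (or is absent), not the admin page itself.
    source = headers.get("Origin") or headers.get("Referer") or ""
    if urlsplit(source).netloc.lower() not in own_hosts:
        return "request did not originate from the admin page"
    # The token is only readable by pages the admin interface served.
    supplied = form.get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, issue_token(session_id, key).encode()):
        return "missing or wrong CSRF token"
    return None


# Constructed sample data (hypothetical key, session and requests).
KEY = b"constructed-demo-key"
OWN_HOSTS = {"192.168.0.1"}
SID = "constructed-session-id"
SAMPLES = [
    ("POST", {"Origin": "http://192.168.0.1"},
     {"setting": "value", "csrf_token": issue_token(SID, KEY)}, SID),
    ("POST", {"Origin": "http://attacker.example"}, {"setting": "value"}, SID),
    ("POST", {"Origin": "http://192.168.0.1"}, {"setting": "value"}, SID),
    ("POST", {}, {"setting": "value"}, None),
]


def run_samples():
    return [reject_reason(m, h, f, s, KEY, OWN_HOSTS) for m, h, f, s in SAMPLES]


if __name__ == "__main__":
    for reason in run_samples():
        print(reason or "accepted")
```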