"Misfortune Cookie" Vulnerability on Multiple Broadband Routers

Last Update Date: 22 Dec 2014 10:56 Release Date: 22 Dec 2014 3053 Views

RISK: High Risk

High Risk

TYPE: Operating Systems - Embedded OS

TYPE: Embedded OS

Many home and office/home office (SOHO) routers have been identitied to be using vulnerable versions of the Allegro RomPager embedded web server. Allegro RomPager versions prior to 4.34 contain a vulnerability in cookie processing code that can be leveraged to grant attackers administrative privileges on the device.

Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Routers' Allegro RomPager versions prior to 4.34

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply an update.
    Check vendor websites for a firmware update that addresses this issue and apply it if available.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Network Time Protocol daemon (ntpd) Multiple Vulnerabilities

22 Dec 2014 3346 Views

Next

Docker Multiple Vulnerabilities

29 Dec 2014 3016 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY