Home fiber routers vulnerable.

walden, system, systems, walden systems, rita, firewall, port, forward, up, protect, intrusion, security, traffic, DMZ, block, protection, walden systems, walden, systems, network, fire, wall, hack, intrusion, cisco, router, network, switch, hub, IoT, traffic
Rita gives you full control of what sites your employees visit. Rita can block sites that eat up your precious bandwidth such as media streaming sites. Rita enables you full control of what sites your employees can and cannot visit. Rita gives you the ability to block undesirable sites by wildcard or by name. Rita gives you the ability to determine which computers will be blocked and which will be allowed. With Rita, you can block access to sensitive servers within your LAN.



     Consumers that are able to have fast, 1Gbps internet access may not be so fortunate. A security flaw in home fiber routers expose millions of consumers to the risk of allowing hackers to access all their internet activities including full browsing histories. An assessment of many GPON home routers has uncovered a security vulnerability that allows hackers to bypass all authentication on the devices. The security flaw can be found in the HTTP servers on GPON networks, which check for specific paths when authenticating the router. The hackers can bypass authentication by simply adding an image suffix to the URL. Because the initial authentication bypass, researchers were able to find a command injection vulnerability that aloows hackers to execute commands on the device. The two different vulnerabilities could, when combined, allow complete control of the home users' networks.

     While looking through the device functionalities, researchers noticed the diagnostic endpoint contained the ping and traceroute commands. It didn't take much to figure out that the commands can be injected by the host parameter. Since the router saves ping results and transmits them to the user, it's simple to execute commands and retrieve their output. Hackers can use the vulnerabilities to see the IP address of specific routers and match them to physical IP addresses in some cases. Hackers can also see where the users are visiting on the web. They can can then set up man-in-the-middle phishing pages to harvest sensitive information. It's possible to take an entire browsing history from someone in the last 30 days and put it out on the web, because you have access to the browsing history and you can skim sensitive or private information.




     GPON is a fiber-based, passive optical network that supports 1Gbps broadband to the home. It isn't the most common type of ISP network in the U.S., given that fiber-to-the-home installions are limited. But, it's seen as the future of broadband, as consumers demand more bandwidth to support video streaming and other activities. In some countries, like Mexico, it has become mainstream. Researchers tested these vulnerability on many random GPON routers, and the vulnerability was found on all of them. Since so many people use these types of routers, this vulnerability can result in your entire network being vulnerable. Consumers that have fiber to the home broadband should contact their ISPs about updates.