By Lucian Constantin
Nov. 11, 2016
However, when he reported the flaw to Peplink the company confirmed and patched it in a subsequent firmware update, so the firmware on FREE_TLV's routers was certainly vulnerable when Neiderman found the flaw.
While finding vulnerabilities in routers is not uncommon, this case stands out because it shows that skilled hackers could potentially attack thousands or tens of thousands of users by compromising large public Wi-Fi networks like those run by municipalities.
By controlling a router, attackers can snoop on all unencrypted user traffic that passes through it and capture sensitive information. They can also launch active attacks, like redirecting users to rogue web servers when they're trying to access legitimate websites or injecting malicious code into non-HTTPS web pages.
Large networks are typically standardized and use the same type of equipment throughout to allow for easier management. A vulnerability that allows a compromise of one of the network's access points is likely to allow the compromise of all of them.
Attacks like these are why users are strongly encouraged to use a VPN (Virtual Private Network) service when they're accessing the internet over public or untrusted Wi-Fi networks.
Neiderman said that he was impressed with how Peplink responded to his report and how the company handled the vulnerability. He stressed that this attack was also possible because of the insecure way in which the network's routers had been deployed. Their administration interfaces shouldn't have been exposed to the Internet.