Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Critical flaw on over 12M routers allows device hijacking, network compromise

Critical flaw on over 12M routers allows device hijacking, network compromise

2014/12/19

Help Net Security - (International) Check Point researchers identified a vulnerability in over 12 million routers dubbed "Fortune Cookie" caused by an error within the HTTP cookie management component that could be remotely exploited to cause the current session to be given administrative privileges by sending a packet to a user's public IP address. The vulnerability was found in routers manufactured by TP-Link, Huawei, Zyxel, Netcomm, SmartAX, Edimax, and others.

Source: http://www.net-security.org/secworld.php?id=17776

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:53