In the DEF CON hacking conference the researchers came across a lot of flaws in the “existing 4G modems and routers”.
Per sources, a selection of all the products was made and then tested which resulted in detection of “critical remotely exploitable flaws”.
The part that happens to be a real point of concern is that quite a large number of flaws were found in a very limited stock of devices.From consumer-grade routers and dongles to super expensive devices that are designed to be used on mass level all of them were tested with flaws.The vendors were immediately informed about the security defects and mostly they were fixed well before the Pen Test Partners report got published.
Netgear 4G Routers
Security issues also existed in the case of 4G routers fabricated by TP-Link and Netgear with four of them being assigned CVEs.The Netgear Nighthawk M1 Mobile router got tracked as CVE-2019-14526 and a post-authentication command injection (CVE-2019-14527) which could lead to arbitrary code execution.
The attacker could exploit the above vulnerabilities by tricking the users into visiting a maliciously designed page.Some insight into the SCRF protection bypass flaw of the Netgear routers and breaking the encrypted firmware was also given by the researchers.
TP-LINK 4G Routers
The mobile wireless routers by TP-Link were also found to be compromised and with their very own CVE issues.
The M7350 4G LTE is the model that was vulnerable with mainly, CVE-2019-12103 (Pre-Authentication Command Execution) and CVE-2019-12104 (Post-Authentication Command Execution).ZTE 4G RoutersZTE was a vendor that got immediately in the limelight during the research as it had avoided security issues in its MF910 and MF65+. The website they were listed on was out of support.Per sources the MF920 shared the same codebase with another router that the researchers checked and ZTE decided to take things seriously and fix the reported flaws.Sources mentioned the following issues were discovered MF910 and MF65 that aren’t going to be patched:
· A Cross-Site Scripting point in an unused “test” page.
· In the pre-authentication process the administration password could be leaked.
· One of the debug endpoints during post authentication is vulnerable to command injection.If these issues were to amalgamate, arbitrary code execution on the router becomes all the easier and could be triggered by the user’s visiting a malicious web-page.Two other vulnerabilities that were discovered in the ZTE 4G routers were:
· CVE-2019-3411 (Information leak, 7.5 high severity CVSS v3.0 base score)
· CVE-2019-3412 (Arbitrary Command Execution with a critical severity of 9.8 CVSS v3.0 base score)
If the degraded condition of the already existing 3G and 4G routers is not to get better the 5G routers to come wouldn’t attract as many consumers.The market condition is so that the users are majorly dependent- and if they aren’t they’re soon to be- on cellular connections for full-time internet.
