Misfortune Cookie
Check Point researchers have detected a vulnerability that would affect more than 12 million devices in 189 countries.
The vulnerability is due to an incorrect handling of the HTTP cookies in the RomPager webserver, embedded in at least 200 gateway models of different vendors (ASSUS, D-Link, Huawei, ZyXEL and more). By exploiting this flaw, an attacker could be able to monitor the communications of the affected network, steal credentials or other sensitive information, or infect the devices within the network.
References:
- 18/12/2014 mis.fortunecook.ie Misfortune Cookie
- 19/12/2014 elmundo.es Al menos 12 millones de 'routers' domésticos afectados por un agujero de seguridad
- 18/02/2015 securityaffairs.co Misfortune Cookie flaw exposes more than 12 million SOHO routers to the risk of a cyber attack
Tags: