Vulnerability Affects Hundreds of Thousands of IoT Devices

By | December 27th, 2017

According to Elttam, the flaw is found in GoAhead's server CGI package.

Attackers can exploit this flaw if CGI is enabled and if a CGI program is dynamically linked.


Elttam reported the flaw to Embedthis six months ago, and the server vendor released a patch in version 3.6.5. All server versions before GoAhead 3.6.5 are presumed vulnerable, although the researchers verified the flaw only on GoAhead versions going back to version 2.5.0.
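For firmware triage, the conditions above (a GoAhead version before 3.6.5, CGI enabled, and a dynamically linked CGI program) can be checked mechanically. The following is an added example, not code from Elttam or Embedthis; the function names are hypothetical and the sample ELF bytes are constructed. It treats an ELF executable as dynamically linked when it carries a PT_INTERP program header.

```python
import struct

PT_INTERP = 3        # program header naming the runtime loader
FIXED = (3, 6, 5)    # patched GoAhead release named in the article

def presumed_vulnerable(version: str) -> bool:
    """True if a dotted GoAhead version is older than 3.6.5."""
    parts = tuple(int(p) for p in version.split("."))
    return parts + (0,) * (3 - len(parts)) < FIXED

def is_dynamically_linked(elf: bytes) -> bool:
    """True if the ELF image has a PT_INTERP program header."""
    if len(elf) < 52 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    end = "<" if elf[5] == 1 else ">"          # EI_DATA: 1 = little-endian
    if elf[4] == 1:                            # EI_CLASS: 1 = 32-bit
        (phoff,) = struct.unpack_from(end + "I", elf, 28)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 42)
    else:                                      # 64-bit layout
        if len(elf) < 64:
            raise ValueError("truncated ELF header")
        (phoff,) = struct.unpack_from(end + "Q", elf, 32)
        phentsize, phnum = struct.unpack_from(end + "HH", elf, 54)
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + 4 > len(elf):                 # truncated table: stop scanning
            break
        if struct.unpack_from(end + "I", elf, off)[0] == PT_INTERP:
            return True
    return False

def meets_conditions(version, cgi_enabled, cgi_images) -> bool:
    """All three conditions from the article hold for this firmware image."""
    return (presumed_vulnerable(version) and cgi_enabled
            and any(is_dynamically_linked(b) for b in cgi_images))

def sample_elf32(p_types):
    """Constructed 32-bit little-endian ELF: header plus bare program headers."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    hdr = struct.pack("<HHIIIIIHHHHHH", 2, 40, 1, 0, 52, 0, 0, 52, 32,
                      len(p_types), 0, 0, 0)
    return ident + hdr + b"".join(struct.pack("<8I", t, *[0] * 7) for t in p_types)

if __name__ == "__main__":
    dynamic, static = sample_elf32([1, 3, 2]), sample_elf32([1])
    print(meets_conditions("3.6.4", True, [static, dynamic]))
    print(meets_conditions("3.6.5", True, [dynamic]))
```

In practice the version would come from the vendor's firmware notes or the embedded server binary, and the images from the files in the firmware's CGI directory.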

Embedthis has done its part by releasing a patch and informing upstream equipment vendors. What's left is for all hardware vendors to incorporate the GoAhead patch into a firmware update for all the affected devices. Such a process is expected to take months and years, while some devices won't receive any update because they've passed their end-of-life date.

IoT malware such as Mirai, Hajime, BrickerBot, Persirai, and others was seen exploiting GoAhead flaws in the past year, along with flaws in products from many other vendors. Unfortunately, past events tell us that IoT malware authors will jump on this bug and start exploiting it in attacks, if they haven't already.

Nisheeth Bhakuni