Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

ICS-CERT warns of critical flaws in NetComm industrial routers

Security researcher has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless. Security researcher Aditya K. Sood has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless that can be exploited remotely to take control of affected devices. The affected models are NetComm 4G LTE […]

NetComm 4G LTE Light industrial M2M routers

Security researcher has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless.

Security researcher Aditya K. Sood has found two critical vulnerabilities in the industrial routers manufactured by the Australian company NetComm Wireless that can be exploited remotely to take control of affected devices. The affected models are NetComm 4G LTE Light industrial M2M routers running firmware version 2.0.29.11 and prior.

Sood reported the flaws to the ICS-CERT in October 2017.

NetComm industrial routers.jpg

The CSRF and XSS flaws have been classified by as “critical,” while the information disclosure issues have been classified as “high severity.”The ICS-CERT published a security advisory that warns of four vulnerabilities that affect the industrial routers. The issues tracked with CVE identifiers CVE-2018-14782 through CVE-2018-14785, are an Information Exposure, a Cross-site Request Forgery, a Cross-site Scripting, an Information Exposure through Directory Listing.

The cross-site request forgery condition could be triggered by a remote attacker to change passwords of the device.

“When a web server is designed to receive a request from a client without any mechanism for verifying that it was intentionally sent, then it might be possible for an attacker to trick a client into making an unintentional request to the web server which will be treated as an authentic request. This can be done via a URL, image load, XMLHttpRequest, etc. and can result in exposure of data or unintended code execution.” reads the security advisory.

The Netcomm industrial routers are vulnerable to several cross-site scripting attacks, a remote attacker can carry out them to run arbitrary code on the device.

“The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.” states the advisory.

The XSS vulnerability is tied with the failure of the application hosted on the embedded web server to filter and sanitize the input.

Another flaw is an Information Exposure Through Directory Listing that could be triggered by an attacker to gain the complete index of all the resources located inside of the directory.

The last issue is an information disclosure issue that can be exploited by an attacker to obtain details on the router’s components.

NetComm has released a firmware update that addresses the security vulnerabilities in mid-May 2018.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – NetComm industrial router, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]