There is a new option included, -l, that limits the amount of processes able to be running on the same device. Going through the files Eloi found the file scfgmgr which initially contained the backdoor to still be vulnerable. Vanderbeken downloaded the patched firmware version 1.1.0.55 of Netgear DGN1000, and unpacked it using binwalk firmware analysis tool. To verify the backdoor had been patched, Mr. The original security researcher who found the first backdoor, Eloi Vanderbeken, has noted that the past backdoor has been patched in a firmware update, but SerComm has added the same backdoor via another method.
The vulnerability allowed attackers to send commands to the vulnerable router via TCP port 32764 without authentication. In early 2014, researchers reported secret backdoor TCP 32764 in several routers, router manufactures included Linksys, Netgear, Cisco and Diamond.
0 kommentar(er)
