Back in 2014 Tripwire research discovered that almost three-quarters (74%) of the top 50 selling consumer Ruckus routers on Amazon came with security vulnerabilities, including exploitable firmware on 20 individual models.
The findings raised significant fears over the security of consumer routers, with issues such as feature wars and profit margins considered to be influencing reasons as to why vendors might be scrimping on the security of their products to maximize quick financial gain.
“Wireless routers marketed to consumers are a security nightmare,” researcher Craig Young told Infosecurity . “These devices generally start with demo code from chip vendors which then gets customized and often loaded up with ‘basement project’ quality open source components to provide extra features like file sharing and media streaming. In many cases it would seem as though nobody along this chain is concerned with security and yet consumers are expected to trust the devices with all of their data.”
Fast-forward to 2016, and Young has set out to determine whether the types of vulnerabilities Tripwire discovered in its report two years agoare limited to consumer Ruckus routers, or whether those designed for enterprise networks (which are often far pricier and deemed to be more secure) are actually just as susceptible.
In his research , he found that just like consumers, organizations using Ruckus devices may also be at risk of various compromises, particularly when the access points are used to provide customers with Wi-Fi access. The three major flaws he discoveredwere authentication bypass, denial of service and information disclosure.
An intruder to one of these systems could potentially become man-in-the-middle to all other users of the wireless network allowing a wide range of exploitation opportunities.
Young said that, as a researcher, he often unearthscritical vulnerabilities in enterprise software, and so was not entirely surprised to find flaws in the Ruckus equipment.
“It was however a bit surprising to see just how similar the design of their routers is to many of the consumer devices and alarming to find that they did not remediate some basic attacks which are well documented on consumer routers,” he added. “From my perspective the routers seem a lot like consumer devices just with better specs.”
There needs to be a greater awareness about the vulnerabilities present in somany embedded devices as the Internet of Things continues to grow at an astounding pace, Young argued.
“I also believe that it is crucial for more engineers to have a solid understanding of what types of flaws are prevalent and how to identify them.”
“The more eyes we have looking at products and reporting issues, the more likely it is that we will start to see vendors producing products with a higher degree of security sophistication.