Submission + - Malicious Websites Can Subvert Personal Routers
Apro+im writes: PCWorld is reporting: "If you haven't changed the default password on your home router, do so now. That's what researchers at Symantec and Indiana University are saying, after publishing the results of tests that show how attackers could take over your home router using malicious JavaScript code."
The root of the problem seems to stem from routers allowing GET requests to have side-effects, allowing attackers to change settings and then perform man-in-the middle attacks. Though the story and the linked paper (PDF) claim that routers with changed passwords are immune, a quick experiment shows that routers which use HTTP Authentication can be compromised the same way, if the user has logged into their router earlier in the browser session. Also, though the article says this is a Javascript exploit, it can actually be executed by any tag which allows the inclusion of a "src" element from another domain (e.g., "img").
The root of the problem seems to stem from routers allowing GET requests to have side-effects, allowing attackers to change settings and then perform man-in-the middle attacks. Though the story and the linked paper (PDF) claim that routers with changed passwords are immune, a quick experiment shows that routers which use HTTP Authentication can be compromised the same way, if the user has logged into their router earlier in the browser session. Also, though the article says this is a Javascript exploit, it can actually be executed by any tag which allows the inclusion of a "src" element from another domain (e.g., "img").