“Dubbed the ’Misfortune Cookie’ flaw, the firm plans to give a detailed account of the issue at a forthcoming security conference but in the meantime it’s important to stress that no real-world attacks using it have yet been detected,” Dunn reports. “That said, an attacker exploiting the flaw would be able to monitor all data travelling through a gateway such as files, emails and logins and have the power to infect connected devices with malware. Man-in-the-middle attacks would also be possible, according to Check Point.”
“The precise source of the issue is not known – a chipset software development kit (SDK) is suspected – but Check Point warned that up to 200 unpatched models using the RomPager embedded web server software (which uses a remote service called TR-069) prior to version 4.34 were probably vulnerable,” Dunn reports. “Check Point estimates that at least 12 million devices are affected across the world but suggested this could be an underestimate. Given the popularity of RomPager and the list of affected brands – D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL sold mainly to home users – such pessimism is realistic.”
Read more in the full article here.
Check Point’s “Misfortune Cookie” suspected vulnerable model list is here.