Bug in Arris Routers Let Hackers Exploit For RCE Attacks

Certain Arris router models contain a bug that anyone may be able to exploit to perform remote code execution attacks.

As reported by Yerodin Richards, exploiting this bug requires initial authentication to the device. Most users, however, likely have not updated their router credentials, since those come from the ISP. With Arris refusing to provide the needed patches, citing the devices' end-of-life period, customers using them are now at risk.

Critical Bug in Arris Routers

As reported by a security researcher named Yerodin Richards, Arris routers running firmware version 9.1.103 are vulnerable to remote code execution (RCE) attacks due to a bug in them. Affected models include TG2482A, TG2492, and SBG10, which are usually found in the Caribbean and Latin America.

The bug is tracked as CVE-2022-45701. The researcher informed Arris earlier and has now released proof-of-concept code that anyone can use. Though he noted that exploitation needs initial authentication to the device, most users usually keep their default router credentials intact, since they come from the ISP.

Maybe they are too lazy to change them, or no one has told them strongly enough that changing them is a safe practice. Arris routers with their default credentials unchanged will soon be a target for hackers carrying out more malicious operations.

Though Arris acknowledged Richards' report, it refused to patch the devices, citing that the vulnerable firmware they run is at its end-of-life (EOL) period. This puts all users of the above-mentioned Arris router models at risk, with no permanent solution.

The researcher suggested a reliable workaround, “to run the exploit to gain a root shell and try to patch it from there”, but it is by no means a simple solution for a normal user. Users are better off changing their current default credentials to stronger ones and checking their network behavior often to stay safe.
