Millions of Home Routers are Vulnerable | The GPON Takedown

These days, consumers get hold of blazing fast internet connection at their homes, thanks to high-performance routers and better media utilization. However, it is these high-performance routers that often make the entire home networks extremely vulnerable.

VpnMentor did a detailed assessment on such GPON or Gigabit Passive Optical Networks and they have uncovered a way that can be used to bypass all authentication mechanisms on these devices.

GPON

The vulnerability is called CVE-2018-10561, where CVE stands for Common Vulnerability and Exposures. This is a standard technique used by tech companies to name discovered vulnerabilities.

The flaw has been discovered in HTTP servers on GPON networks that check specific paths when authenticating the router.

The attacker can bypass the authentication simply by adding an image suffix to the URL. Even worse, this vulnerability can be used to remotely execute commands on the device and take complete control of the device.

The firm said that during the analysis of GPON firmware, they discovered two vulnerabilities that can be used to take over the user’s home computers or any other device connected to the network.

GPON

While looking through the device functionalities, the firm found that it is also quite easy to execute commands on the remote computer by bypassing the authentication.

The attacker can not only use these vulnerabilities of seeing the IP address of the system, and even find the matching physical address, but they can also see what the user is doing on the internet.

It is possible to form a MiTM or Man-in-the-Middle attack, harvest information from web pages and even steal user credentials.

From this vulnerability on the routers, even attackers can breach the privacy of individuals. This includes browser history up to thirty days, Facebook or Twitter pages visited, emails opened and even more.

The firm tested the vulnerability on all the GPON routers used in the market and found the security hole in all of them.

What is GPON?

GPON is an optical fiber-based network. It gives up to 1Gbps internet speeds at homes. It is quite frequently used in small offices or homes with multiple devices.

GPON routers are deployed by ISPs that provide FTTH or Fiber to the Home connectivity. A lot of ISPs globally provide this connectivity.

A great feature of GPON is the ability to consolidate multiple services into a single fiber.

What can you do about it?

If you have a GPON router at your home or office that is provided by your ISP, contact them immediately to check for a firmware update.

GPON

The router manufacturer will provide with a firmware update to patch this vulnerability.

If you use an aftermarket GPON router that you purchased separately, the check with the manufacturer about the firmware update.

Until the firmware is updated, use any security suite such as an antivirus to thwart such attacks. An antivirus solution will not stop the attacks but can minimize the harmful effects. If you are sending sensitive information over the connection, make sure you use a VPN proxy.

Leave a Reply