The Computer Emergency Response Team (CERT-In) has issued an important advisory for Wi-Fi routers from Digisol. The government body has reported that it has found multiple security flaws in the Digisol router's firmware that can allow a local attacker to perform security bypass or obtain sensitive information on the targeted system.
Security flaw details
According to the advisory, the government body has found three major issues with the Digisol router.
Here are the details.
Password Policy Bypass Vulnerability (CVE-2024-2257)
This vulnerability exists in Digisol Router due to improper implementation of password policies. An attacker with physical access could exploit this by creating passwords that do not adhere to the defined security standards/policy on the vulnerable system, says the advisory.
The report mentions that successful exploitation of this vulnerability could allow the attacker to expose the router to potential security threats.
Incorrect Access Control Vulnerability (CVE-2024-4231)
This vulnerability, as per the advisory, exists in Digisol Router due to the presence of root terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by identifying UART pins and accessing the root shell on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to access sensitive information on the targeted system.
Password Storage in Plaintext Vulnerability (CVE-2024-4232)
This vulnerability exists in Digisol Router due to a lack of encryption or hashing in the storage of passwords within the router's firmware/database. An attacker with physical access could exploit this by extracting the firmware and reverse engineering the binary data to access the plaintext passwords on the vulnerable system. Successful exploitation of this vulnerability could allow the attacker to gain unauthorized access to the targeted system.
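An added example, not taken from the advisory or from Digisol's firmware: one way password-setting code can address the policy bypass and plaintext storage flaw classes described above, by enforcing the policy at the point where the password is saved and keeping only a salted PBKDF2 hash. The policy rules, iteration count and record format are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import re

# Assumed policy for illustration; the advisory does not state the router's rules.
MIN_LENGTH = 12
REQUIRED_CLASSES = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
PBKDF2_ITERATIONS = 600_000  # assumed work factor
SALT_BYTES = 16


def policy_violations(password: str) -> list[str]:
    """Return the policy rules the password breaks (empty list if compliant)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    for pattern in REQUIRED_CLASSES:
        if not re.search(pattern, password):
            problems.append(f"missing character class {pattern}")
    return problems


def make_record(password: str) -> str:
    """Enforce the policy in the storage path, then return a salted-hash record.

    Checking here (not only in a web form) means no input path can save a
    non-compliant password, and the plaintext is never written to storage.
    """
    problems = policy_violations(password)
    if problems:
        raise ValueError("password rejected: " + "; ".join(problems))
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2-sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute the hash from the stored salt and compare in constant time."""
    _scheme, iterations, salt_hex, digest_hex = record.split("$")
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
```

With this record format, a firmware image or configuration dump contains only the salt and digest, so extracting it does not directly reveal the password.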
Affected version
As per the report, Digisol Router DG-GR1321 (hardware version 3.7L, firmware version v3.2.02) is affected by these vulnerabilities.
What users should do
Users are advised to download and install the latest available firmware for the router.