If you're running an Asus wireless router, chances are good that someone inside your network can take full administrative control of it thanks to a currently unpatched vulnerability in virtually all versions of the firmware, a security researcher said.
While the vulnerability isn't as serious as those that allow hackers on the Internet at large to compromise the devices, it's nonetheless concerning. People with administrative control can reroute everyone connected to malicious websites and possibly install alternate or even malicious firmware updates.
"I trust people that join my network to some degree, but I don't want them to be able to reconfigure the router," Joshua Drake, research director at Accuvant and the person who brought the vulnerability to light Thursday, told Ars. "I can't prevent them without this getting fixed (short of the workaround)."
Read 4 remaining paragraphs | Comments