Threat Watch

ASUS Home Router Flaw

Two flaws have been found in the ASUS RT-AC1900P whole-home Wi-Fi router that could allow a man-in-the-middle (MITM) attack if not patched. Both were originally found by researchers at Trustwave. The first issue (CVE-2020-15498) stems from a lack of certificate checking. The report from Trustwave claims that an attacker who knows what to look for could inject a false certificate to force the installation of malicious files, allowing them to snoop on all traffic going through the router. The second bug (CVE-2020-15499) is a cross-site scripting flaw in the Web Management Interface related to firmware updates. The report from Trustwave states, “The release notes page did not properly escape the contents of the page before rendering it to the user. This means that a legitimate administrator could be attacked by a malicious party using the first MITM finding and chaining it with arbitrary JavaScript code execution.”

ANALYST NOTES

ASUS has released a patch that fixes both flaws in firmware version 3.0.0.4.385_20253. Because this flaw affects a home router, and some home users do not have automatic firmware updates turned on, owners of the affected routers should verify that their routers have been updated with the new firmware and turn on automatic updates when available.

Source Article: https://threatpost.com/asus-home-router-bugs-snooping-attacks/157682/
Trustwave’s Advisory: https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=27440