A security researcher discovered three serious flaws in the firmware of wireless routers made by the company Ruckus and disclosed information about those flaws at a security conference in Germany three days ago. The researcher previously disclosed the vulnerabilities to the manufacturer so that a security patch could be developed. The vulnerabilities allow a remote attacker to completely take over affected routers and operate using the “root” account, which provides the attacker with unlimited access to spy on unencrypted network traffic, redirect internal requests to malicious sites, or inject malicious content in responses from any unencrypted website. A security update for affected Ruckus routers is available from the manufacturer, but customers must proactively download and apply the patch themselves – the routers are not automatically updated.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.