On December 18, 2014, security researchers from Check Point Software Technologies have issued an alert about a critical vulnerability found on select residential and small business routers. An estimated 200 models and over 12 million routers are affected. Pakedge routers are not affected by this vulnerability.
We recognize that your clients use a variety of brands of networking equipment, and that it is possible that they may be at risk. Please review the quick action guide below to determine what action, if any, is required.
- Critical vulnerability CVE-2014-9222 (aka Misfortune Cookie vulnerability) announced by researchers on December 18, 2014 that affects over 200 models of residential and small business routers (including all-in-on modem/routers) and about an estimated 12 million devices worldwide
- Affected routers can be taken over with administrative privileges and hackers can get access into your network and any connected devices. Your credentials and any data stored on connected network devices are vulnerable to theft and manipulation. Attackers can upload malware and viruses onto connected devices, as well as take control of them (e.g. cameras, etc.).
- The vulnerability is in the web server (RomPager by AllegroSoft, versions 4.34 and below) embedded in the device firmware.
What equipment is impacted:
- A list of the suspected vulnerable devices are listed by Check Point’s security researchers in the pdf here. Check back on a weekly basis as more brands and models are added.
- Popular brands include – TP-Link, Huawei, D-Link, Linksys, Zyxel and ZTE. Other brands include AirLive, Arcor, Asotel, Atlantis, Azmoon, Beetel, Billion, Binatone, BSNL, Buffalo, CentreCOM, Compact, Conceptronic, Connectionnc, Delsa, den-IT, Edimax, Everest, Hexabyte, iBall, Iodata, Kraun, Lightwave, Maxnet, Mercury, MTNL, Netcomm, Nilox, Pentagram, Postef, PreWare, ProNet, Reconnect, Roteador, SBS, SendTel, SmartAX, Solwise, Starnet, Sterlite, Sweex, Twister.
- Pakedge routers and other networking equipment are NOT affected by this vulnerability. Pakedge does not incorporate the RomPager web server in its firmware.
What to do if affected:
- Contact the manufacturer or service provider (for leased units) to see if there is a firmware update addressing the vulnerability forthcoming.
- If a firmware is available, install the updated firmware.
- If no firmware is available or forthcoming, consider replacing the router with one that is not vulnerable
- Review your security policies and practices. Safeguard sensitive data using encryption and password protection. Store data on devices that can be disconnected from the network.
Where can I find more information?
- Detailed information is provided through a special web page made available through Check Point Software Technologies.
- Full list of affected routers
- US and Canada dealers – please contact your Pakedge representative if you have any concerns or questions at +1-650-385-8702 (sales) or +1-650-385-8703 (Tech Support).
Dealers outside the US and Canada – please contact your local in-country distributor if you have any questions.