Independent security researchers have found over 100 different Vulnerabilities across 13 different Router and NAS models.
The targets ranged from routers designed for general consumers to high-end devices designed for enterprise use. And all 13 of the devices evaluated had at least one web application vulnerability.
One of the researchers Stated; We obtained root shells on 12 of the devices, allowing complete control over the device. Unfortunately, six of the devices were remotely exploited without authentication.
These defense-in-depth mechanisms can greatly enhance the security posture of web applications and the underlying systems they interact with. In many cases, our remote exploits wouldn’t have worked if customary web application security practices had been implemented.
In Conclusion, when purchasing new IT equipment, the security of devices should be of importance. Manufacturers with a history of numerous security vulnerabilities should be avoided. Likewise, how a manufacturer has handled patching issues and the length of time that devices are supported should also be considered.
If you or your business needs any assistance with Securing your IT environment. Feel free to contact TechBug on 07 3439 9749.