The purpose of this paper is to outline the security measures being taken by vendors to prevent such attacks in their home routing products, what those security measures accomplish, and where they fall short. We will use existing network tools to examine common vulnerabilities in a range of popular devices and demonstrate weaknesses in the security of those devices; additionally, we will examine common trends in security measures that have been duplicated across vendors, and examine how those trends help and hinder the security of their devices. In particular, we will examine the following home routers, which are some of the latest offerings from their respective vendors at the time of this writing:
* Linksys WRT160N
* D-Link DIR-615
* Belkin F5D8233-4v3
* ActionTec MI424-WR

The original article can be found at: http://www.sourcesec.com/Lab/soho_router_report.pdf

Conclusion:
Router manufacturers are increasing the security of their devices, however, home router security still has a long road ahead of it. Below is a table listing each of the devices and their associated, reasonably exploitable, vulnerabilities mentioned in this paper; these types of vulnerabilities must be considered by all vendors, and should be investigated by any consumer before purchasing a router.

Explore More

What is DNS hijacking?

DNS hijacking is the process of altering the name server records and redirecting the users to a bogus website. As everyone knows every domain name depends on its name server

Read More

Nessus Vulnerability Scanner

Are you Vulnerable? If you don’t have the luxury of building secure software from the start and your business uses off the shelf software to get your work done you

Read More

Critical XSS vulnerability in YouthDreams.Net

Security Researcher $@T0R! reported another XSS vulnerability in http://www.youthdreams.net Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications that enables malicious attackers to inject

Read More