Flaw in common hotel router threatens guests' devices
- 27 March, 2015 06:25
Corporate travelers should be warned that a Wi-Fi router commonly used in hotels is easily compromised, putting guests passwords at risk and opening up their computers to malware infections and direct attacks.
The good news is that there is a patch for the flaw, but there is no guarantee affected hotels will install it right away.
+ More on Network World: 10 young security companies to watch in 2015 +
Cylance, a security vendor whose research team found the problem, says 277 InnGate routers in 29 countries are affected. The routers are made by ANTLabs.
Cylance researchers wouldn't say which hotels were using the devices. "Listing those vulnerable devices at this time would be irresponsible and could result in a compromise of those networks," says the Cylance SPEAR team blog. "Take it from us that this issue affects hotels brands all up and down the spectrum of cost, from places we've never heard of to places that cost more per night than most apartments cost to rent for a month."
The vulnerability could also affect the hotels themselves if attackers are able to compromise the router then move to other parts of the hotel network, SPEAR says, potentially affecting reservations and billing.
"ANTLabs InnGate devices are a popular Internet gateway for visitor-based networks. They're commonly installed in hotels, convention centers and other places that provide temporary guests access to a WiFi connection. If you've ever used WiFi in a hotel, you're familiar with these types of devices as they are typically tied to a specific room number for billing purposes," the blog says.
The flaw, called CVE-2015-0932, gives read and write access to the file system of the routers. "Remote access is obtained through an unauthenticated rsync daemon running on TCP 873. Once the attacker has connected to the rsync daemon, they are then able to read and write to the file system of the Linux based operating system without restriction," according to the blog.
Once access is gained to the file system, it's trivial to execute remote code on the machine, it says.