Posted on Wednesday, July 17 2013 @ 13:16 CEST by Thomas De Maesschalck
A security researcher discovered that ASUS routers with the AiCloud service are vulnerable to attack. Numerous security flaws in the software give attackers read and write access to all files and folders shared via AiCloud, as well as access to a plain text file with all usernames and passwords with no encryption, plus the ability to adjust settings and run remote code via SSH.
In a home network, the router is the first - and, oftentimes, the last - line of defence. Unless manually modified, or programmatically modified via the Universal Plug 'n Play (UPnP) protocol, a router using Network Address Translation (NAT) ensures that no internal systems are directly accessible from the internet. The router itself, naturally, is directly accessible - and this is why it is important for manufacturers to ensure they have locked their devices down as much as possible.
Asus, it is claimed, hasn't been careful enough in the development of its personal cloud service AiCloud. According to security researcher Kyle Lovett, all AiCloud enabled firmware versions for Asus' various routers - comprising the RT-AC66R, AT-AC66U, RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16 and RT-N16R - have numerous vulnerabilities that can allow for disclosure of supposedly private files or even remote code execution directly on the router in order to compromise the entire network.
ASUS has issued new firmware that fixes the issue on some routers, but other models are still waiting for a fix. To prevent attacks on unpatched routers, security researcher Kyle Lovett recommends users to disable all UPnP services, all three AiCloud items, disable remote access to the router's settings page, change the default login and password, and change the AiCloud service password if the service has been in active use.
