Internet

They discover a failure in the Movistar router; that’s how it affects you

An XSS vulnerability affects Movistar’s HGU router

It is one of the models most used by fiber optic customers. It specifically affects the model HGU RTF8115VW manufactured by Askey, since Movistar has several similar-looking models. This is the most recent, so if you have contracted fiber with this operator or its subsidiary O2 in recent months, it is very likely that you are affected.

How does this problem work? This occurs when visit a url with the access interface to the router. Basically the form with which we put the username and password to enter the configuration and be able to change the Wi-Fi password, the name of the network, etc. The Movistar HGU router is a widely used model and such a failure can affect many clients.

According to the user bokanrb on GitHub, this security flaw was discovered five months ago, last February, and has not yet been corrected. There it shows how this vulnerability works and how a hypothetical attacker could take advantage of it and put our security at risk.

How to know if the router is affected

An attacker can use the URL http://192.168.1.1/cgi-bin/te_acceso_router.cgi?curWebPage=/settings-internet.asp";alert('xss')//&loginUsername=admin&loginPassword=admin where 192.168.1.1 would be the default gateway to access the router and alert (‘xss’) would be the JavaScript code it would execute. The name and password part would contain any value, since these are not validated.

In the event that our device is affected by this vulnerability, which will be normal if we use the RTF8115VW model of the Movistar HGU router, a dialog box by putting that url in the browser.

In this way, through this technique a possible attacker could execute malicious code in our team. It does this after it gets us to visit the URL with the bug. Logically with this it could sneak malware, enter our devices, steal information …

The vulnerability It has been registered as CVE-2021-27403. At the time of writing this article it has not yet been resolved, but it is expected that updates will be released soon to be able to solve it. That is why we always recommend having the latest versions of the devices. Updating the router is essential to maintain security.

In short, one of the most widely used fiber optic routers today has a major security flaw. At the moment it has not been corrected and those who have recently contracted fiber with Movistar or with O2 are very likely to have the HGU RTF8115VW model, manufactured by Askey, and should be aware to avoid problems that affect the network.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *