If you router is vulnerable to this outsiders can easily take control of hte router and use it to jump into your network. These devices have been coming under increasingly attacks due to their poor security models and the lack of security updates by the route manufacturers. I’ve begun recommending not using these types of routers anymore due to the numerous security problems they are introducing. Sophos UTM is free for home use…you jsut need to provide suitable hardware. Sophos UTM is at a reasonable cost for businesses and NPO’s and gives you true protection from the internet. For full information Contact ETC.
More than 12 million routers in homes and small offices are vulnerable to attacks that allow hackers anywhere in the world to monitor user traffic and take administrative control over the devices, researchers said.The vulnerability resides in “RomPager” software, embedded into the residential gateway devices, made by a company known as AllegroSoft. Versions of RomPager prior to 4.34 contain a critical bug that allows attackers to send simple HTTP cookie files that corrupt device memory and hand over administrative control. Attackers can use that control to read plaintext traffic traveling over the device and possibly take other actions, including changing sensitive DNS settings and monitoring or controling Web cams, computers, or other connected devices. Researchers from Check Point’s malware and vulnerability group have dubbed the bug Misfortune Cookie, because it allows hackers to determine the “fortune” of an HTTP request by manipulating cookies. They wrote:If your gateway device is vulnerable, then any device connected to your network—including computers, phones, tablets, printers, security cameras, refrigerators, toasters or any other networked device in your home or office network—may have increased risk of compromise. An attacker exploiting the Misfortune Cookie vulnerability can easily monitor your Internet connection, steal your credentials and personal or business data, attempt to infect your machines with malware, and over-crisp your toast.
via 12 million home and business routers vulnerable to critical hijacking hack | Ars Technica.