A path crossing vulnerability exists in many routers manufactured by multiple vendors using Arcadyan based software. This vulnerability allows an unauthenticated user to access sensitive information and allows configuration of the router to be changed.
The vulnerability, identified as CVE-2021-20090, is a traversal vulnerability. An unauthenticated attacker can exploit this vulnerability to access resources that would normally be protected. The researcher initially thought it was limited to a single router manufacturer and released his findings, but then found the problem existed in Arcadyan-based software that was used in routers from multiple vendors.
Successful exploitation of this vulnerability could allow an attacker to access pages that would otherwise require authentication. An unauthenticated attacker could gain access to sensitive information, including valid request tokens, which could be used to make requests to change router settings.
CERT / CC recommends updating your router to the latest firmware version available. It is also recommended to disable the remote administration services (WAN side) on any SoHo router and also to disable the web interface on the WAN.
Learn more about the Software Engineering Institute CERT Coordination Center
(Visited 10 times, 3 visits today)