Is current DD-WRT vulnerable to this?

nickant
DD-WRT User


Joined: 09 Feb 2016
Posts: 319

Posted: Wed Jan 22, 2020 9:16    Post subject: Is current DD-WRT vulnerable to this?
Today's article in Ars Technica:
https://arstechnica.com/information-technology/2020/01/internet-routers-running-tomato-are-under-attack-by-notorious-crime-gang/
The headline says Tomato, but DD-WRT gets a mention in the second, fifth and last paragraphs.
Can someone please confirm if this is something to be concerned with, and from what build onwards is safe?

_________________
------------------------------------
Netgear XR500 OpenWrt-23.05.3 (Gateway)
Linksys EA8500 OpenWrt-23.05.3 (Wired AP)
Linksys WRT3200ACM DD-WRT r55460 (spare Wired AP)
Netgear WNDR3700v4 DD-WRT r55460 (spare Gateway)
Photos: https://www.flickr.com/photos/nickant44/albums
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6407
Location: UK, London, just across the river..

Posted: Wed Jan 22, 2020 9:24
nope, unless you are not an idiot to compromise your own router.... Twisted Evil
telnet/ssh are not available on reset, the default telnet is activated once the user sets a pass, on default there are no WAN details and so on...and so on..

bruteforce is limited to certain success, so far I haven't seen a hacked DDWRT unit..with automated bruteforce...if you are so paranoiac disconnect the unit prior to update...and never use WAN GUI access unless is not secured with private encrypted-pass protected key only...

but I've seen Netgear, TP-Link, D-Link on stock firmware do a lot of shit...

more on the subject https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=322859

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913


Last edited by Alozaros on Wed Jan 22, 2020 9:31; edited 1 time in total
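
A way to check the defaults described in the post above on your own unit, as an added example that is not part of the original thread or DD-WRT's own tooling: it reads `nvram show` output and flags management services reachable from the WAN with password login. The nvram key names (`remote_management`, `remote_mgt_https`, `remote_mgt_ssh`, `remote_mgt_telnet`, `sshd_passwd_auth`) are assumptions to confirm on your build, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: audit DD-WRT management exposure from `nvram show` output.
# The nvram key names are assumptions; confirm them on your own build.

nv_get() {  # nv_get KEY -> value of KEY in $cfg (empty if unset)
    printf '%s\n' "$cfg" | sed -n "s/^$1=//p" | head -n 1
}

flag() { echo "FINDING: $1"; }

audit_mgmt() {  # reads key=value lines on stdin, prints one line per result
    cfg=$(cat)
    if [ "$(nv_get remote_management)" = "1" ]; then
        if [ "$(nv_get remote_mgt_https)" = "1" ]; then
            flag "web GUI open to WAN over HTTPS; password can be guessed online"
        else
            flag "web GUI open to WAN over plain HTTP"
        fi
    fi
    if [ "$(nv_get remote_mgt_telnet)" = "1" ]; then
        flag "telnet open to WAN"
    fi
    if [ "$(nv_get remote_mgt_ssh)" = "1" ]; then
        if [ "$(nv_get sshd_passwd_auth)" = "1" ]; then
            flag "SSH open to WAN with password login"
        else
            echo "NOTE: SSH open to WAN, key-only login"
        fi
    fi
    return 0
}

# Constructed sample, not taken from a real router: WAN GUI over HTTP and
# WAN SSH with password login both switched on.
sample_exposed() {
    cat <<'EOF'
remote_management=1
remote_mgt_https=0
http_wanport=8080
remote_mgt_ssh=1
sshd_passwd_auth=1
remote_mgt_telnet=0
EOF
}

# On the router itself: nvram show 2>/dev/null | audit_mgmt
sample_exposed | audit_mgmt
```

No output at all means none of the checked services is exposed to the WAN.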
nickant
DD-WRT User


Joined: 09 Feb 2016
Posts: 319

Posted: Wed Jan 22, 2020 9:31
Following one of the links from the article leads to this:
muhstik: We first disclose this botnet last month (report-2018-04). In the latest update, Muhstik added exploits for the three vulnerabilities: GPON (cve-2018-10561, cve-2018-10562), JBOSS (cve-2007-1036) and DD-WRT (Web Authentication Bruteforcing).

Not sure if it's an issue or not, just asking.
And no, I don't do remote management and all passwords used are diceware generated with entropy over 100...

Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6407
Location: UK, London, just across the river..

Posted: Thu Jan 23, 2020 8:17
in general everyone can create an automated script to attack certain vulnerabilities....here and there..

so far, WAN remote access is not present on default, as well as telnet and SSH, and I don't know how many ppl are using it with default password or something like...

basically this article has not much idea in it, other than someone who wants to attract attention and address very rare occasions related to a deliberate router misconfiguration....

blkt
DD-WRT Guru


Joined: 20 Jan 2019
Posts: 5660

Posted: Thu Jan 23, 2020 9:32
The article is FUD clickbait.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6407
Location: UK, London, just across the river..

Posted: Thu Jan 23, 2020 13:46
blkt wrote:
The article is FUD clickbait.


FUD = Fear Uncertainty and Doubt

kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

Posted: Thu Jan 23, 2020 17:38
Alozaros wrote:
blkt wrote:
The article is FUD clickbait.


FUD = Fear Uncertainty and Doubt


I'm sure you've both GDB'd and vulnerability tested the code and firmware images. /couldn'tresist Mr. Green

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6407
Location: UK, London, just across the river..

Posted: Thu Jan 23, 2020 18:12
kernel-panic69 wrote:
Alozaros wrote:
blkt wrote:
The article is FUD clickbait.


FUD = Fear Uncertainty and Doubt


I'm sure you've both GDB'd and vulnerability tested the code and firmware images. /couldn'tresist Mr. Green


Yes... I do, I really do ... Razz
I'm sure you wouldn't tell us, if you find something on your own...

kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

Posted: Thu Jan 23, 2020 21:15
Gee, I don't know how to answer that... Shocked Evil or Very Mad Exclamation