A security research has released details of flaws in Asus' AiCloud service, bundled with selected models of router, which are claimed to allow 'multiple methods of attack and several dangerous remote exploits.'
In a home network, the router is the first - and, oftentimes, the last - line of defence. Unless manually modified, or programmatically modified via the Universal Plug 'n Play (UPnP) protocol, a router using Network Address Translation (NAT) ensures that no internal systems are directly accessible from the internet. The router itself, naturally,
is directly accessible - and this is why it is important for manufacturers to ensure they have locked their devices down as much as possible.
Asus, it is claimed, hasn't been careful enough in the development of its personal cloud service AiCloud. According to security researcher Kyle Lovett, all AiCloud enabled firmware versions for Asus' various routers - comprising the RT-AC66R, AT-AC66U, RT-N66R, RT-N66U, RT-AC56U, RT-N56R, RT-N56U, RT-N14U, RT-N16 and RT-N16R - have numerous vulnerabilities that can allow for disclosure of supposedly private files or even remote code execution directly on the router in order to compromise the entire network.
Lovett has gone public with his findings, posting to the popular
BugTraq mailing list, following what he claims is poor handling of the issue from Asus. '
In June I released a partial disclosure for just the RT-N66U on the issue of directory traversal. I have only heard back from Asus twice on the issue, and I understand they are working on a fix,' writes Lovett. '
However, no serious attempt to our knowledge has been made to warn their customers in the meantime, even after multiple requests from several different security professionals.
'Nor has Asus posted a disclosure of these serious issues to new potential customers on their AiCloud web adverts, since they still advertise the product as an add-on with these routers as a safe and bug free home cloud solution,' Lovett adds.
The vulnerabilities in the routers, all of which run on a Linux port based on the outdated 2.6 kernel tree, open up the potential for serious security issues. Lovett claims that the problems range from allowing external users unauthenticated read and write access to all files and folders shared via the AiCloud service, access to a clear-text credentials file containing plain-text usernames and passwords with no encryption, the ability to switch on point-to-point tunnelling protocol (PPTP) without user knowledge, and the ability to gain remote SSH access to the router and run any code of the attacker's choosing.
Lovett's recommendations for those affected by the flaw, pending the release of fixed firmware files from Asus, is to disable all UPnP services, all three AiCloud items, disable remote access to the router's settings page, change the default username and password, and if the AiCloud service has been in active use to change the password to that as well.
Asus has not yet responded to a request for comment on Lovett's claims.
Want to comment? Please log in.