SHODAN Researches DD-WRT Vulnerability – /dev/ttyS0

John Matherly of SHODAN fame and Dan Tentler from Aten Labs teamed up to research the DD-WRT information disclosure vulnerability we released back in December.

The results show that approximately 10% of remotely accessible DD-WRT routers were both vulnerable to the attack and could be geo-located based on the information gleaned from the attack.

Dan did his research back in the December-January timeframe just after the vulnerability was released. Using SHODAN, he found that out of 8,000 – 9,000 DD-WRT routers, 2,000 were vulnerable to the information disclosure bug. Out of those 2,000, he was able to geo-locate 700 – 800 of them based on the information gleaned from the vulnerability.

Dan teamed up with John in who did another SHODAN search in April, this time finding 5,688 DD-WRT routers, with 543 that were both vulnerable to the information disclosure bug and could be geo-located.

Although the results aren’t broken out by protocol (HTTP vs HTTPS), this also carries implications of how many DD-WRT users have remote administration enabled and are at risk of SSL MITM attacks.

John has put together a great write-up and a Google map of his results on the SHODAN Research page.

Dan’s work can be found on the Aten Labs blog.

Bookmark the permalink.

Comments are closed.