by bassman30
New Member

4GEE WiFi Mini - Router Vulnerability

Hi there

 

I have run a network scan using Avast Free Antivirus - and it has found a vulnerability on my 4GEE Mini router. (see message below)

 

"We have identified the following problem with your router or Wi-Fi hotspot device:

DnsMasq heap buffer overflow vulnerability


Severity: High

Reference: CVE-2017-14491 | Google Security Blog

Description:
The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation:
The issue was fixed in DnsMasq software version 2.78, released in October 2017.

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. We also advise you not to visit suspicious websites or run software from questionable sources."

 

Have EE yet released a firmware upgrade to address this issue (ie. are EE aware that the DnsMasq software requires to be upgraded to v2.78 asap??)

 

I have checked for firmware updates on my router admin page but it says my router firmware is "up to date"...

 

Your thoughts please?

3 REPLIES
by Grand Master
Grand Master

Re: 4GEE WiFi Mini - Router Vulnerability

The "remote attacker" would need to be within WiFi range of your router at the very least.

__________________________________________________________________________________________
If you think I helped please feel free to hit the "Star" button below.
To phone EE: The local rate landline number 0207 362 0200 or Freephone 0800 079 8586 - Option 1 for Mobiles; Option 2 for 4G WiFi; Option 3 for Home Broadband & EE TV.

ISPs: 1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 20 Meg WBC
by geoffers12 Investigator
Investigator

Re: 4GEE WiFi Mini - Router Vulnerability

Same with the new 4GEE HH70VB model

dnsmasq-dhcpv6 - 2.73-1

 

Not a huge risk - but there will be some POC scripts out there that does it from a webpage that your browsing.

You could always manually set your dns servers on the devices to something other than the router [8.8.8.8 / 8.8.4.4 are two example public dns servers from google]

 

by gazs
Explorer

Re: 4GEE WiFi Mini - Router Vulnerability

Thanks for the updates so far but it looks like there's no solution is that right?

 

If there is no current firmware update to counter this issue from EE - Isn't that a bit of a risk to customers?

Let's get started

Join the EE Community to ask, answer, learn and share.