Router Security Vulnerabilities
Discussions center on how routers are compromised via exposed management interfaces, default or weak passwords, open SSH/Telnet ports, XSS flaws, and other exploits, with debates on whether issues stem from user misconfigurations or inherent device weaknesses.
Sample Comments
Typically this means there's either a serious XSS flaw or a default password on your router. Someone could, for example, change your DNS settings and start intercepting your traffic.
Their router admin page and ssh are also open to the internet.
If you're vulnerable to attacks from the LAN, you're vulnerable to your wi-fi router (or your coffee shop/workplace's router) being compromised, which is quite common; see e.g. https://www.bleepingcomputer.com/news/security/mirai-botnet-... and https://blog.lumen.com
Perhaps they have a zero day telnet client or browser exploit. :)
Compromised routers can be used to compromise devices behind them. Also, many devices (like IP cameras) usually have port forwarding to allow users to access them from outside.
For most users, this device wouldn't be directly exposed to the internet... it would be behind NAT on people's home WiFi networks. I find it hard to believe that even a critical unpatched vulnerability in the client device could be mass exploited like this. I suspect the "cloud services" are somehow at fault...
Good point. I simply meant that the vulnerability can be exploited from the network (with no (initial) root access to the machine) and so almost all of them are.
Your modems already have a backdoor. Your wifi password is stored on their servers, and modems will already execute arbitrary code through the management interface.
Plenty of web interfaces on routers have VERY poor security; a bug that gives you access to the web interface may have just given you a shell as well.
Your understanding is the same as mine. I don't think that's necessarily malicious though. I also don't think it would have to be to 22/23 - do we know that SSH or Telnet were the attack vector? Thinking about general IoT devices, even if it were SSH this time, it may well be a web UI with RCE next time.
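The comments above name the same handful of exposure classes from the defender's side: a default or weak admin password, a management interface (web, SSH or Telnet) listening on the WAN, DNS settings silently pointed at someone else's resolver, and port forwards that expose a LAN device's own admin or shell port (the IP-camera case). The audit below, an added example that is not code from the original thread or from any router vendor, checks an offline copy of a router configuration for exactly those conditions and shows a weak configuration beside a hardened one. The config schema, field names, default-credential list and all sample addresses are constructed for illustration; a real router backup would need its own parser in place of `RouterConfig`.

```python
"""Offline audit of a home-router configuration for the exposure classes
discussed above. Added example; the config schema, field names and sample
values are constructed and do not correspond to any real vendor's format."""

from dataclasses import dataclass, field
from typing import List, Set, Tuple

# Constructed, illustrative set of factory-default credential pairs.
DEFAULT_CREDENTIALS = {
    ("admin", "admin"),
    ("admin", "password"),
    ("admin", ""),
    ("root", "root"),
}

# Management protocols that should never listen on the WAN side of a home router.
MANAGEMENT_SERVICES = {"http", "https", "ssh", "telnet"}

# LAN ports whose forwarding exposes a device's own admin/shell interface.
RISKY_FORWARD_TARGETS = {22: "ssh", 23: "telnet", 80: "http", 443: "https"}


@dataclass
class RouterConfig:
    admin_user: str
    admin_password: str
    wan_services: Set[str]                 # services bound to the WAN interface
    dns_servers: List[str]                 # resolvers handed out to LAN clients
    # each forward: (external_port, internal_ip, internal_port)
    port_forwards: List[Tuple[int, str, int]] = field(default_factory=list)


def audit(cfg: RouterConfig, trusted_dns: Set[str]) -> List[str]:
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []

    if (cfg.admin_user, cfg.admin_password) in DEFAULT_CREDENTIALS:
        findings.append("admin account still uses factory-default credentials")
    elif len(cfg.admin_password) < 12:
        findings.append("admin password shorter than 12 characters")

    for svc in sorted(cfg.wan_services & MANAGEMENT_SERVICES):
        findings.append(f"management service '{svc}' reachable from the WAN")

    # DNS-hijack indicator: resolvers differ from the ones the owner configured.
    unexpected = [d for d in cfg.dns_servers if d not in trusted_dns]
    if unexpected:
        findings.append(f"DNS servers not in trusted set: {', '.join(unexpected)}")

    for ext_port, host, int_port in cfg.port_forwards:
        if int_port in RISKY_FORWARD_TARGETS:
            findings.append(
                f"port forward {ext_port} -> {host}:{int_port} exposes "
                f"{RISKY_FORWARD_TARGETS[int_port]} of a LAN device"
            )
    return findings


def sample_weak_config() -> RouterConfig:
    """Constructed 'before' configuration exhibiting every issue above."""
    return RouterConfig(
        admin_user="admin",
        admin_password="admin",
        wan_services={"http", "ssh", "telnet"},
        dns_servers=["203.0.113.53"],   # TEST-NET address standing in for a rogue resolver
        port_forwards=[(8080, "192.168.1.50", 80), (2323, "192.168.1.50", 23)],
    )


def sample_hardened_config() -> RouterConfig:
    """Constructed 'after' configuration: no WAN management, strong password, owner's DNS."""
    return RouterConfig(
        admin_user="admin",
        admin_password="correct-horse-battery-staple-42",
        wan_services=set(),
        dns_servers=["192.0.2.53"],     # TEST-NET address standing in for the owner's resolver
        port_forwards=[],
    )


if __name__ == "__main__":
    trusted = {"192.0.2.53"}
    for name, cfg in (("weak", sample_weak_config()), ("hardened", sample_hardened_config())):
        print(f"{name}: {audit(cfg, trusted) or ['no findings']}")
```

The trusted-DNS check is the part most worth keeping around after a cleanup: a router whose credentials and WAN services are fine can still have had its resolvers changed through a LAN-side XSS or CSRF bug, and comparing the live DNS settings against the list the owner actually chose is the cheapest way to notice.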