< New Article: CSP Is Dead, Long Live CSP! - On the Insecurity of Whitelists and the Future of Content Security Policy

New Article: Revisiting SOHO Router Attacks

by Álvaro Folgado Rueda and José Antonio Rodríguez García and Iván Sanz de Castro

Domestic routers have lately been targeted by cybercrime due to the huge amount of well-known vulnerabilities which compromise their security. The purpose of this paper is to appraise SOHO router security by auditing a sample of these devices and to research innovative attack vectors. More than 60 previously undisclosedsecurity vulnerabilities have been discovered throughout 22 popular home routers, meaning that manufacturers and Internet Service Providers have still much work to do on securing these devices. A wide variety of attacks could be carried out by exploiting the different types of vulnerabilities discovered during this research.
This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences Vol. 2“. Edited by Stefan Schumacher and René Pfeiffer

The Article can be found at http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_054_Rueda_SOHORouter.pdf