Router Vulnerability: CVE-2014-9222 / misfortune cookie
NEWS Assumed Closed Broadband and Ethernet
STATUS
Assumed Closed
CREATED
Dec 19, 09:44 AM (9¼ years ago)
AFFECTING
Broadband and Ethernet
STARTED
Dec 19, 09:00 AM (9¼ years ago)
REFERENCE
2061 / AA2061
INFORMATION
  • INITIAL
    9¼ years ago by Andrew

    Today the CVE-2014-9222 router vulnerability AKA 'misfortune cookie' has been announced at http://mis.fortunecook.ie/ This is reported to affect many broadband routers all over the world. The web page has further details. We are contacting our suppliers for their take on this, we'll post follow-ups to this status post shortly. It is also worth noting that at the time of writing CVE-2014-9222 is still 'reserved': http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9222

  • UPDATE
    9¼ years ago by Andrew

    Technicolor Routers:- These routers are not (yet?) on the list, we are awaiting a response from Technicolor regarding this. Update: Technicolor say "We don’t use that webserver, so not impacted”"

  • UPDATE
    9¼ years ago by Andrew

    ZyXEL P-660R-D1: This router is on the list. We are awaiting a response from ZyXEL though. We do already have this page regarding the web interface on ZyXELs: http://wiki.aa.org.uk/Router_-_ZyXEL_P660R-D1#Closing_WAN_HTTP and closing the Web server from the WAN may help with this vulnerability. Update: The version of RomPager (the web server) on ZyXELs that we have been shipping for some time is 4.51. Allegedly versions before 4.34 are vulnerable, so they may not be vulnerable. You can tell the version with either: wget -S IP.of.ZyXEL or curl --head IP.of.ZyXEL Update 2015-01-07: P-660R-D1 Not affected: http://www.zyxel.com/support/ZyXEL_Helps_You_Guard_against_misfortune_cookie_vulnerability.shtml

  • UPDATE
    9¼ years ago by Andrew

    Dlink 320B: We supply these in Bridge mode and therefore are not vulnerable.

  • UPDATE
    9¼ years ago by Andrew

    FireBrick: Firebricks are not vulnerable.