Is your router hit by Heartbleed?
Author: Mark Richardson
What is Heartbleed?
Heartbleed is a bug in the widely used OpenSSL's cryptography library. Simplistically, the effect of this bug, if left unpatched, is that a malicious user can establish a "secure" connection to a target computer or device and read parts of its victim's memory that it should not have access to.
What does it mean for routers?
Many routers often run a basic web server to allow an administrator to access online control panels. Some of these routers use the affected versions of OpenSSL and so are hit by the Heartbleed bug. This means that an attacker who has access to the network can obtain data from the router's memory. In a router this data will normally be information which is moving around your network, or between your machine / network and the internet. Typically this could include usernames, passwords, emails, social media updates, etc
It should be made clear that this will only affect unpatched routers where a malicious user can establish a connection with the router. Some examples of where this could occur are:
• Company networks, schools, anywhere with lots of people are allowed to use the network. This set-up will potentially allow a malicious user to see the information of other user's on the network.
• Internet Cafes - A malicious user in the cafe will be able to see what you do. Though using an encrypted https connection with the destination server should secure you from all but the most determined hacker.
• If your router has external access enabled for remote administration over the internet or has cloud control, then potentially any malicious hacker can access your router, and then gain access to your network.
• If you run a guest network on your router. Anyone on the guest network can potentially access your secure network.
Which routers are hit by heartbleed?
Below is our table of which routers are effected, by router manufacturer.
|Apple||802.11ac models only, patch available.|
|Asus||Not affected due to older SSL implementation. But upgrading to newer version anyway.|
|Buffalo||Newer routers are ok. Running DD-WRT on an AirStation WZR-HP-G300NH2, WZR-HP-G450H or WZR-HP-AG300H? Then check here.|
|Cisco||It's a mixed picture - check your router here|
|Edimax||Have not responded to our requests for info|
|Juniper||Firmware on some routers affected. Details here|
|Western Digital||MyCloud product family hit. Details here.|