Sign in / up

back to article SOHOpeless: Belkin router redirection zero-day

Security bod Joel Land has reported zero-day holes in a popular model of Belkin router allowing attackers to yank cleartext credentials, spoof DNS responses, and pop admin interfaces. The Belkin N600 DB Wireless Dual Band N+ box released in 2012 and selling for around AUD$150 contains five vulnerabilities from slack randomness …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. Ole Juul

    AUD$150?

    I wonder what Belkin charges for a secure model.

    3 0 Reply
    1. tony2heads
      Reply Icon

      Re: AUD$150?

      That assumes that they have one

      8 0 Reply
  2. Maverick

    Belkin? nup

    3 0 Reply
  3. Voland's right hand Silver badge

    Double standards

    So if the router was electrically unsafe it would have been removed from sale.

    Being "digitally" unsafe however provides Belkin with extra margin by cheapskating on software.

    Frankly, a CVE should be an automatic "remove from sale" until it is fixed and if it is not fixed in a timely manner a "recall at the cost of the manufacturer". It is funny how a lot of the "cheap" crap sold by the like of Belkin will suddenly stop being cheaper than proper kit at that point.

    10 1 Reply
    1. Nolveys
      Reply Icon
      Flame

      Re: Double standards

      So if the router was electrically unsafe it would have been removed from sale.

      Belkin products are only electrically unsafe if you plug them in and turn them on, which the manuals explicitly warn against. Injury, death and property damage resulting from the use of Belkin products are always due to consumer error.

      1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like