Router Vulnerability Present for a Decade
Why IoT Supply Chain Is to Blame
The discovery of shared libraries used across a number of devices has led to one persistent vulnerability being present in routers provided by at least 13 ISPs across 11 countries. Discovered by Tenable researchers, CVE-2021-20090 is a path traversal vulnerability which allows an attacker to bypass authentication to the web interface, and could be leveraged to access other devices on a home or corporate network.
In this whitepaper you can learn more about the vulnerability and how it was discovered, what its impact could be upon exploit and how this issue in shared libraries can be better prevented in the future:
- How this vulnerability was present in Arcadyan's code for many years and used in thousands of routers
- How many ISPs and router devices are affected
- Which steps can be taken to make vulnerabilities better detected in shared libraries