this post was submitted on 15 Jun 2024
24 points (100.0% liked)

Technology

37739 readers
50 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Today I scanned my router with routersploit. The scan ended and showed one vulnerability: eseries_themoon_rce.

I searched the internet and found that this is a vulnerability in Linksys E-Series routers. But I am not on linksys at all. And I didn't find anything about getting rid of it.

I'm wondering if someone knows how to make this vulnerability eliminate?

you are viewing a single comment's thread
view the rest of the comments
[–] PaddleMaster 11 points 5 months ago (2 children)

Looks like there’s a metasploit available. You can use that on your router to see if it’s susceptible. A quick google search indicates that this is only successful on older routers without input validation.

In general, follow good cyber security hygiene, and update the firmware on your router. If your router no longer is supported by the vendor (no more firmware updates for vulnerabilities found), then it’s old and you should upgrade.

[–] some_guy@lemmy.sdf.org 8 points 5 months ago (1 children)

You might also be able to replace the firmware with something like DD-WRT or OpenWRT or Tomato or other third-party firmware.

[–] user224@lemmy.sdf.org 3 points 5 months ago

Good idea.

You can still get the newest DD-WRT builds even on the WRT54G.
That is a Wi-Fi router from 2002.

Of course, the features are sort of limited. I tried the VPN build (on WRT54GL), but I couldn't get the OpenVPN client to connect. I found some thread mentioning it may be missing something, but I don't know if that's the issue.

Anyway, without overclocking I'd expect like 2Mbps. I mean, it barely handles HTTPS. Just trying to load the WebUI maxes out the CPU for several seconds if trying to use HTTPS.
Perhaps it's not missing anything software-wise, but it's just so slow it times out during handshake.
So I just put the std build on it in case it will be useful at some point.

[–] maya@discuss.tchncs.de 2 points 5 months ago

Thank you for advice and additional info. I bought a modern router Cudy WR3000 with WiFi-6 support. And it has the last firmware update available.