Scott Helme, a blogger from the UK has warned of multiple vulnerabilities with BrightBox, a router that’s standard equipment for subscribers to the UK’s EE telecom service. He found that the device leaked sensitive information such as WPA encryption keys, passwords and ISP user credentials. Hackers might also have the ability to change a router’s DNS settings in order to intercept a target’s internet traffic.
EE has since provided patches to the firmware for this device. However, Helme claims that even with the modified firmware the device is still susceptible to other problems. “With a little CSRF, I can enable remote management on your router and steal all of your sensitive data like WPA keys, ISP credentials and the md5 hash of your admin password over the Internet. Once I’ve cracked the hash I can login and do just about anything I like with your device or not bother with any of that and just call EE to cancel your internet connection,” Helme said.
It is worth noting that EE patched the device automatically over broadband lines and did not require their customers to download and apply the fix themselves.