Security researchers have identified a number of vulnerabilities in Ruckus-branded access points and routers. As tends to be the case, they all affect the router’s UI—allowing an attacker to log in as an administrator regardless of your password and, in doing so, control your router from afar.
And when that happens, said HCL Technologies’ Gal Zror in an interview with TechCrunch, your router becomes a great candidate for all sorts of malicious activity. An attacker can use your hardware as part of a massive botnet to launch distributed denial-of-service attacks against other websites, or they can just take over your browsing experience and serve you up bogus pages to phish your account credentials when you try to visit regular sites.
Since Ruckus routers are primarily for businesses, not homes, this situation has the potential to be worse—not that it would be great if someone fed you phishing sites instead of lifehacker-dot-com in your house, but at least your livelihood isn’t potentially affected. And, in that case, it’s only you who has to do some troubleshooting; an attacker exploiting a vulnerable Ruckus router or access point—from the company’s “Unleashed” lineup—has the potential to affect an entire office’s worth of people. And that only amplifies the potential for problems.
Ruckus has patched these vulnerabilities in various firmware updates, but the affected routers all require manual updates. If you’re a network administrator for your small business, you should know what to do already. If you’re not, or you’re not sure if your friendly IT manager has seen the news, it wouldn’t hurt to pop on by and say hello this morning. They’ll want to make sure your business’ Unleashed access points are running firmware version 220.127.116.11.92 at minimum, and they can quickly grab any updates they need from here.
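As an added example (not code from the original article, and not Ruckus' own tooling), here is a small Python script an administrator could run over an access-point inventory to flag units running firmware below the minimum version the article names. The inventory entries are constructed, the field names are assumptions, and the minimum version is taken as printed in the article; check it against Ruckus' own advisory before relying on it.

```python
"""Flag access points running firmware older than a minimum version.

Added illustration, not code from the article or from Ruckus. The inventory
below is constructed; the minimum version is the one the article prints.
"""
from typing import Dict, List, Tuple

# Minimum patched firmware as printed in the article (verify against the vendor advisory).
MINIMUM_FIRMWARE = "220.127.116.11.92"


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn a dotted firmware string into a tuple of ints so it compares numerically.

    Plain string comparison gets this wrong ("200.7.9" > "200.7.10" as text),
    which is exactly the mistake that leaves a stale device marked as up to date.
    """
    parts = version.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"malformed firmware version: {version!r}")
    return tuple(int(p) for p in parts)


def needs_update(current: str, minimum: str = MINIMUM_FIRMWARE) -> bool:
    """True when `current` is older than `minimum`.

    Tuples of different length compare element-wise, and a shorter tuple that
    is a prefix of the longer one sorts first, so "200.7" < "200.7.1".
    """
    return parse_version(current) < parse_version(minimum)


def triage(inventory: List[Dict[str, str]],
           minimum: str = MINIMUM_FIRMWARE) -> List[Dict[str, str]]:
    """Return the devices from `inventory` that still need a firmware update.

    Each entry carries assumed "name", "model" and "firmware" keys. Entries whose
    version cannot be parsed are flagged too: an unknown version is not a patched one.
    """
    flagged = []
    for device in inventory:
        try:
            stale = needs_update(device["firmware"], minimum)
        except ValueError:
            stale = True
        if stale:
            flagged.append(device)
    return flagged


# Constructed sample inventory; these are not real devices.
SAMPLE_INVENTORY = [
    {"name": "ap-lobby", "model": "R510", "firmware": "220.127.116.11.92"},
    {"name": "ap-floor2", "model": "R610", "firmware": "220.127.116.9.150"},
    {"name": "ap-warehouse", "model": "R710", "firmware": "220.127.116.11.100"},
    {"name": "ap-annex", "model": "R510", "firmware": "unknown"},
]

if __name__ == "__main__":
    for device in triage(SAMPLE_INVENTORY):
        print(f"{device['name']} ({device['model']}): "
              f"firmware {device['firmware']} needs update")
```

Run as-is, it reports ap-floor2 (older build) and ap-annex (version not readable); a device exactly at the minimum or above it is left alone. Swapping `SAMPLE_INVENTORY` for an export from whatever manages your access points is the only change needed in practice.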
Given the simplicity of the attacks—one can be launched using a single line of code—I’d make sure they know sooner than later if you happen to know that your office or business uses Ruckus gear. (Here’s hoping you use the company’s SmartZone-enabled or Cloud devices, which are not affected.)