A severe security flaw in the implementation of the SNMP protocol allows an attacker to take over at least 78 cable modem models, according to a team of researchers.
The vulnerability, tracked as CVE-2017-5135 but nicknamed StringBleed, affects the Simple Network Management Protocol (SNMP), a popular protocol invented in the 80s and used for managing network-connected devices.
StringBleed is an authentication bypass in SNMP v1 and v2
Since its creation, the protocol has gone through different versions, with the most recent being SNMPv3. According to Ezequiel Fernandez and Bertin Bervis, two security researchers from Argentina and Costa Rica, respectively, there is a flaw in the authentication mechanism of SNMPv1 and SNMPv2.
While v3 comes with support for a username-password combo for the authentication system, v1 and v2 rely on a very simplistic authentication procedure that involves sending a string inside an SNMP request from an SNMP client (app) to a device's SNMP daemon.
The device reads this string inside the SNMP request, called a "community string," and replies to the SNMP client request, either with data or by executing an action.
Once someone authenticates on the device, they have the ability to read or write data to the system with no restrictions.
Full Article. Several Cable Modem Models Affected by SNMP God Mode Flaw