Researchers at Check Point Software Technologies have discovered a new vulnerability that enables hackers to remotely capture residential gateway (SOHO router) devices.
The hackers are then able to capture all administrative privileges and hack all devices connected to the router.
Being assigned the CVE-2014-9222 identifier, the new vulnerability dubbed ‘Misfortune Cookie’ currently exists on millions of SOHO routers from different models and manufacturers, according to researchers at Check Point’s Malware and Vulnerability Research Group.
About 12 million readily exploitable devices are currently connected to the Internet globally, which makes it one of the most extensive vulnerabilities disclosed in recent years.
Check Point Software Technologies malware and vulnerability research manager Shahar Tal said: "Misfortune Cookie is a serious vulnerability present in millions of homes and small businesses around the world, and if left undetected and unguarded, could allow hackers to not only steal personal data, but control peoples’ homes."
"At Check Point, we are dedicated to protecting the internet and its users by staying ahead of attackers."
"Our Malware and Vulnerability Research Group remains focused on uncovering security flaws and developing the necessary real-time protections to secure the Internet."
The vulnerability would enable intruders to gain access to millions of routers globally and pinch confidential data from the wired and wireless devices connected to the network.
AllegroSoft’s embedded web server RomPager is the effected software, which comes wiith the firmware released with devices, the security firm added.
