1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Critical Security Flaw in Tomato by Shibby Firmware Found by Teo En Ming

Discussion in 'Tomato Firmware' started by Teo En Ming, Apr 13, 2014.

  1. Teo En Ming

    Teo En Ming Network Newbie Member

    I suspect that my Asus RT-N15U wireless router with Tomato by Shibby firmware version 116 "Big VPN" has been hacked.

    Although I tried to disable Remote Access for the sshd daemon in the router web configuration page, I could still login to the router by ssh from the router's *PUBLIC* IP address. This means that the sshd daemon is exposed to the internet by remote access even when remote access for the sshd daemon is disabled in the router web configuration page. Anyone from the internet could login to the sshd daemon on the router and perform administrative tasks.

    Similarly, although there is no remote access option for the telnet daemon, it is accessible from the router's *PUBLIC* IP address. Anyone from the internet could login to the telnet daemon on the router and perform administrative tasks.

    I chanced upon the open ports (sshd and telnetd on the router) when I ran a nmap scan against my public IP address.

    Shibby, could you fix these security flaws in your Tomato firmware? The sshd daemon and telnet daemon on the router should *NOT* be exposed to the internet.

    Teo En Ming
     
    Last edited: Apr 13, 2014
  2. PeterT

    PeterT Network Guru Member

    How are you verifying access to the PUBLIC IP?
     

Share This Page