Vulnerability in KPN ExperiaBox makes it possible to bypass authentication


 A vulnerability in Arcadyan-based modems and routers, including KPN's, makes it possible to bypass authentication and make all kinds of adjustments to the network device. This is reported by security company Tenable and the CERT Coordination Center (CERT/CC) of Carnegie Mellon University.


Arcadyan's software is used not only by the company itself but also by other parties including ASUS, British Telecom, Buffalo, Deutsche Telekom, KPN, O2, Orange, Verizon, Vodafone, and several other telecom providers. In the case of KPN, the vulnerability has been confirmed in the ExperiaBox V10A (Arcadyan VRV9517) version 5.00.48 build 453 and the KPN VGV7519 version 3.01.116.


A path traversal vulnerability in the web interface of the devices allows an unauthenticated attacker to bypass authentication and gain access to components normally only accessible to authenticated users. The vulnerability makes it possible to adjust the router configuration, the CERT/CC reports.


The agency advises users to install the latest firmware update if it is available. In addition, it is recommended to make the administrator interface inaccessible from the Internet. An overview by Tenable shows that it was a difficult process to inform all parties. It is therefore unclear whether updates are available for all vulnerable models.


In the case of telecom providers, they often keep their customers' modems up to date. Security.NL has asked KPN whether it has rolled out an update for the vulnerability. The article will be updated as soon as this is known.

Previous Post Next Post