Factory Bicycle

Eternal Silence attacks via UPnP

Originally posted from Bleeping Computer: https://www.bleepingcomputer.com/news/security/277-000-routers-exposed-to-eternal-silence-attacks-via-upnp/

According to the article, a number of router and other wireless devices running UPnP are open to an exploit that allows threat actors to launch malicious attacks while hiding the location of the threat actors.

Researchers from Akamai have spotted actors abusing this vulnerability to create proxies that hide their malicious operations, calling the attack UPnProxy.

Akamai have released a white paper here that describes the UPnP vulnerability and lists some devices that are susceptible to the exploit. It's extremely detailed, but in order to help others I extracted the list of devices that could be problematic. Akamai suggest to update the firmware as soon as possible, however, if possibly infected already you might need to do a hard factory reset and update to the latest firmware of the device.

Here is a list of the devices that Akamai lists in their white paper:

Accton
RG231, RG300

AboCom Systems
WB-02N, WB02N,

Atlantis
A02-RB2-WN, A02-RB-W300N

ASUS
DSL-AC68R, DSL-AC68U, DSL-N55U, DSL-N55U-B,
MTK7620, RT-AC3200, RT-AC51U, RT-AC52U, RT-AC53,
RT-AC53U, RT-AC54U, RT-AC55U, RT-AC55UHP, RT-
AC56R, RT-AC56S, RT-AC56U, RT-AC66R, RT-AC66U,
RT-AC66W, RT-AC68P, RT-AC68R, RT-AC68U, RT-AC68W,
RT-AC87R, RT-AC87U, RT-G32, RT-N10E, RT-N10LX, RT-
N10P, RT-N10PV2, RT-N10U, RT-N11P, RT-N12, RT-N12B1,
RT-N12C1, RT-N12D1, RT-N12E, RT-N12HP, RT-N12LX,
RT-N12VP, RT-N14U, RT-N14UHP, RT-N15U, RT-N16, RT-
N18U, RT-N53, RT-N56U, RT-N65R, RT-N65U, RT-N66R,
RT-N66U, RT-N66W, RTN13U, SP-AC2015, WL500

AirTies
Air4452RU, Air5450v3RU

Alfa
ALFA-R36, AIP-W502, AIP-W505

Anker
N600

AximCOM
X-116NX, MR-101N, MR-102N, MR-105N, MR-105NL,
MR-108N, MR-216NV, P2P-Gear(PG-116N), P2PGear
(PG-108N), P2PGear (PG-116N), P2PGear (PG-216NV),
PG-116N, PGP-108N, PGP-108T, PGP-116N, TGB-102N,
X-108NX

Axler
10000NPLUS, 8500NPLUS, 9500NPLUS, LGI-R104N,
LGI-R104T, LGI-X501, LGI-X502, LGI-X503, LGI-X601,
LGI-X602, LGI-X603, R104M, R104T, RT-DSE, RT-TSE,
X602, X603

Belkin
F5D8635-4 v1, F9K1113 v5

B&B electric
BB-F2

Bluelink
BL-R31N, BL-R33N

CentreCOM
AR260SV2

CNet
CBR-970, CBR-980

Davolink
DVW-2000N

D-Link
DIR-601, DIR-615, DIR-620, DIR-825, DSL-2652BU, DSL-
2750B, DSL-2750B-E1, DSL-2750E, DVG-2102S, DVG-
5004S, DVG-N5402SP, RG-DLINK-WBR2300

Deliberant
DLB APC ECHO 5D, APC 5M-18 +

DrayTek Corp.
Vigor300B

E-Top
BR480n

EFM networks - ipTIME products
A1004, A1004NS, A1004NS, A104NS, A2004NS,
A2004NS, A2004NS-R, A2004NS-R, A3003NS, A3003NS,
A3004NS, A3004NS, A3004NS, A3004NS, A3004NS,
A5004NS, A704NS, A704NS, G1, G104, G104, G104A,
G104BE, G104BE, G104M, G104M, G104i, G204, G204,
G304, G304, G501, G504, G504, N1, N104, N104, N104A,
N104K, N104M, N104M, N104R, N104S, N104S-r1,
N104V, N104i, N1E, N2, N200R+, N2E, N3004, N300R,
N300R, N5, N5004, N5004, N504, N6004, N6004M,
N6004R, N604, N604, N604A, N604M, N604M, N604R,
N604S, N604T, N604V, N604i, N608, N7004NS, N704,
N704, N704A, N704M, N704NS, N704S, N704V, N8004,
N8004R, N804, N904NS, NX505, Q1, Q1, Q104, Q104,
Q204, Q304, Q304, Q504, Q504, Q604, Smart, T1004,
T1008, T2008, T3004, T3008, V1016, V1024, V104, V108,
V108, V116, V116, V124, V304, V308, X1005, X3003, X305,
X5005, X5007

Edimax
3G6200N, 3G6200NL, BR-6204WG, BR-6228nS/nC,
BR-6428, BR6228GNS, BR6258GN, BR6428NS

Eminent
EM4542, EM4543, EM4544, EM4551, EM4553,
EM4570, EM4571

Energy Imports
VB104W VDSL

Emerson
NR505-V3

FlexWatch Cameras
FW1175-WM-W, FW7707-FNR, FW7909-FVM,
FW9302-TXM

FreeBSD router
1, 1.2.2, 1.2.3-RELEASE, 2.0.1-RELEASE

Gigalink
EM4570

Grandstream Networks
GXE (router)

Hitron
CGN2-ROG, CGN2-UNE

HP
LaserJet 9500n plus Series Printers, GR112
(150M Portable Smart wireless Router)

HFR, Inc.
HFR Wired Router - H514G

IP-COM
R5, R7, R9, T3

iSonic
ISO-150AR

Intercross
ICxETH5670NE

Intelbras
WRN 140, WRN 340, Roteador Wireless NPLUG

Innacomm
RG4332

I-O Data
ETX2-R

Jensen Scandinavia
AL7000ac

Kozumi
K-1500NR

LevelOne
WBR-6005

Leviton
47611-WG4

Lenovo
A6

Lei Branch
OEM NR266G

Logitec
BR6428GNS, WLAN Access Point (popular device),
Wireless Router (popular device)

MSI
RG300EX, RG300EX Lite, RG300EX Lite II

MMC Technology
MM01-005H, MM02-005H

Monoprice
MP-N6, MP-N600, 10926 Wireless AP

Netis
E1, RX30, WF-2409, WF2409, WF2409/WF2409D,
WF2409E, WF2411, WF2411E, WF2411E_RU,
WF2411I, WF2411R, WF2415, WF2419, WF2419E,
WF2419R, WF2450, WF2470, WF2480, WF2681,
WF2710, WF2780

NETCORE
C403, NI360, NI360, NR20, NR235W, NR236W, NR255-V,
NR255G, NR256, NR256P, NR266, NR266-E, NR266G,
NR268, NR268-E, NR285G, NR286, NR286-E, NR286-
GE, NR286-GEA, NR288, NR289-E, NR289-GE, NR566,
NW715P, NW735, NW736, NW755, NW765, Q3, T1

NETGEAR
R2000, WNDR3700, WNDR4300v2, WNR2000v4

Nexxt Solutions
Viking 300

OpenWRT
Version identification was not possible

Patech
P501, P104S

Planex
MZK-W300NR, MZK-MF150, MZK-MR150, MZK-WNHR IGD

Planet
WDRT-731U, VRT-402N, VRT-420N

Prolink
PRT7002H

Pinic
IP04137

Roteador
Wireless NPLUG

Sitecom
WLR-7100v1002 (X7 AC1200), WLR-1000, WLR-2100
SMC Wireless Cable Modem Gateway
SMCD3GN-RRR, SMCWBR14S, SMCWBR14S-N3

SAPIDO
BRC70n, BRC76n, BRF71n, RB-1132, RB-1132V2,
RB-1232, RB-1232V2, RB-1602, RB-1732, RB-1800,
RB-1802, RB-1842, RB-3001

Solik
A2004NS

Storylink
SHD-G9

Shenzhen Landing Electronics
TRG212M

TOTOLINK (ZIONCOM, Tamio)
AC5, A1200RD, A2004NS, C100RT, N150RA, N150RT,
N200R, N200R+, N300R, N300R+, N300RA, N300RB,
N300RG, N300RT, N5004, N500RDG, N505RDU, N6004,
iBuddy

Tenda
3G150M+, 4G800, A5s, A6, ADSL2, DEVICE, F306, N6,
N60, TEI480, TEI602, W1800R

Techniclan
WAR-150GN

Turbo-X
M300

Ubiquiti
AirRouter LAP-E4A2, NanoBeam M5-N5B-16-E815,
AirGrid M5-AG5-HP-E245, PowerBeam M5-P5B-300-
E3E5, NanoBridge M5-NB5-E2B5, PicoStation M2-
p2N-E302, NanoStation M5-N5N-E805, NanoStation
Loco M5-LM5-E8A5, NanoStation Loco M2-LM2-E0A2,
NanoBeam M5-N5B-19-E825, AirGrid M5-AG5-HP-E255

ZIONCOM (shares models with EFM Networks & TOTOLINK)
IP04103, ipTIME N200R+, ipTIME N300R

ZTE
ZTE router, ZXHN H118N, ZXHN_H108N, CPE Z700A

Zyus
VFG6005N, VFG6005

ZyXel
Internet Center, Keenetic, Keenetic 4G, Keenetic DSL,
Keenetic Giga II, Keenetic II, Keenetic Lite II, Keenetic
Start, NBG-416N Internet Sharing Gateway, NBG-418N
Internet Sharing Gateway, NBG4615 Internet Sharing
Gateway, NBG5715 router, X150N Internet Gateway
Device