If you are still using older versions of Small Office Home Office devices for your home or office, it is the high time to consider updating them. A common vulnerability found on SOHO routers and Gateways (unfortunately even on the models which are still in the market) called ROM-0 vulnerability which lets an external intruder hack into your network router /gateway partially or even fully and gains control of it. If you have installed the lasted version of Avast on your computer, it features 'Home Network Security scanner' will tell you whether your Gateway is affected with ROM-0 vulnerability. This article is intended to inform you about one of the common network vulnerability which is utilized by hackers to gain access to the router, ROM-0, what is ROM-0 vulnerability and how to prevent your router from it.
What is ROM-0 vulnerability
ROM-0 vulnerability allows an attacker to request ROM-0 through HTTP port. Which means if the port 80 is open on your device, a hacker can go into the page " http://192.168.1.1/ROM-0" using this bug. Since port 80 is open by default, you must be very careful. Once the attacker gained access, he can download the username/password combination.
Router Models Vulnerable to ROM-0 vulnerability
I think it is better to tell you the common point in all router models which are vulnerable than list the entire model numbers and manufactures. It is wise to say that all older versions irrespective of manufacture are under this category. If you are using a device which is not having the latest firmware, that device has the potential to be a victim. It does not exclude any specific models of Linksys, D-link, Netgear etc. If any router firmware is no longer updated by the manufacturer, it is wise to replace them immediately with a secure model. So before making your mind to purchase a gateway or router, you must check whether this router model is free from ROM-0 bug.
Have a look at the scan report which discovers the hidden vulnerability.
How to Fix ROM-0 vulnerability
The perfect solution is to replace your obsolete device with the latest model. However, if you are not in a position to spend money on it, you can try the following solutions.
Related Tutorials
What is ROM-0 vulnerability
ROM-0 vulnerability allows an attacker to request ROM-0 through HTTP port. Which means if the port 80 is open on your device, a hacker can go into the page " http://192.168.1.1/ROM-0" using this bug. Since port 80 is open by default, you must be very careful. Once the attacker gained access, he can download the username/password combination.
Router Models Vulnerable to ROM-0 vulnerability
I think it is better to tell you the common point in all router models which are vulnerable than list the entire model numbers and manufactures. It is wise to say that all older versions irrespective of manufacture are under this category. If you are using a device which is not having the latest firmware, that device has the potential to be a victim. It does not exclude any specific models of Linksys, D-link, Netgear etc. If any router firmware is no longer updated by the manufacturer, it is wise to replace them immediately with a secure model. So before making your mind to purchase a gateway or router, you must check whether this router model is free from ROM-0 bug.
Have a look at the scan report which discovers the hidden vulnerability.
How to Fix ROM-0 vulnerability
The perfect solution is to replace your obsolete device with the latest model. However, if you are not in a position to spend money on it, you can try the following solutions.
- Update your Router's firmware with the latest available version.
- Disable Remote Access on your device
- Since it is port 80 vulnerability, use a different non using private IP number to start using HTTP traffic.
- Use port forwarding to continue to get the HTTP traffic, by using a non-using Private IP address and forward port 80 to it.
- By blocking access to your router via external ports, Your router is safe
Related Tutorials
