DCglasgow
Contributor
4,937 Views
Message 1 of 100

Avast reports smarthub vulnerable to attack.


The WiFi Inspector on the latest version of Avast Free AV is giving the following warning. Is this a known issue, or could it be a false report? I am running Firmware version: v0.09.05.11160-BT, updated: 18-Jan-2018

 

Your router or Wi-Fi hotspot is vulnerable to network attacks!

We have found vulnerabilities in your router or Wi-Fi hotspot that can be used by attackers to hack into your network.

 
Description

Our scan found a vulnerability on your router or Wi-Fi hotspot device. Your device contains a problem that can be misused by cybercriminals to break into your network and compromise your security and privacy.

Android devices used as a Wi-Fi hotspot can be also affected.

Solution

Some of the vulnerabilities may be patched in new versions of the device firmware or system update. Applying the latest firmware or system update may solve the issue.

Consult your device's manual for instructions. If an update addressing the vulnerability issue is not available, contact your device's vendor or manufacturer to provide an update as soon as possible.

Note:
As routers typically do not perform automatic updates, you need to manually download and install the appropriate patches on the device.
Done incorrectly, applying the latest firmware can make your router unusable. We recommend this method for advanced users or computer technicians only.

Details

We have identified the following problem with your router or Wi-Fi hotspot device:

DnsMasq heap buffer overflow vulnerability

Severity: High

Reference: CVE-2017-14491 | Google Security Blog

Description:
The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data.

Impact:
Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation:
The issue was fixed in DnsMasq software version 2.78, released in October 2017.

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. We also advise you not to visit suspicious websites or run software from questionable sources.

sandyflett
Beginner
4,780 Views
Message 2 of 100

Re: Avast reports smarthub vulnerable to attack.


I have had the same report from Avast. Any answer to this?

DCglasgow
Contributor
4,775 Views
Message 3 of 100

Re: Avast reports smarthub vulnerable to attack.


Since I originally posted, Avast have added this information to their forums.  Following the advice given, my smarthub shows a dnsmasq of 2.76, which Avast would suggest makes it vulnerable:

 

Last week we added this detection into Wifi inspector. This detection is based on DNS version obtained via remote fingerprint, also called banner detection.
Banner detections are not critical (in this particular case the detection verbosity is set to warning); it says your device is likely vulnerable. We are not sending real exploit probes to detect vulnerable DNS servers, because it's too dangerous and it may cause the application to crash.

You should test your router manually with the following command in cmd:
nslookup -type=txt -class=chaos version.bind ROUTER_IP

For example:
c:\>nslookup -type=txt -class=chaos version.bind 192.168.0.1
Server:  router
Address:  192.168.0.1
 
version.bind    text =
 
        "dnsmasq-2.45"

All versions prior to 2.78 are vulnerable. 

To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.
If an update addressing the vulnerability is not yet available for your device, you can secure your router or Wi-Fi hotspot with a strong password to minimize risks imposed by the vulnerability. 
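
The manual check quoted above, as an added example that is not part of the original posts or Avast's own code: a Python sketch that sends the same version.bind CHAOS TXT query as the nslookup command, parses the banner from the reply, and applies the "prior to 2.78" rule. The function names and the sample reply are constructed for illustration.

```python
import re, socket, struct

def build_query(txid=0x1234):
    """DNS query for version.bind, type TXT (16), class CHAOS (3)."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    return header + b"\x07version\x04bind\x00" + struct.pack(">HH", 16, 3)

def skip_name(msg, off):  # returns the offset just past a DNS name
    while msg[off] != 0:
        if msg[off] & 0xC0 == 0xC0:      # compression pointer is 2 bytes
            return off + 2
        off += 1 + msg[off]
    return off + 1

def parse_banner(msg):
    """Return the first TXT string of the first answer, or None."""
    try:
        _, _, qd, an, _, _ = struct.unpack(">HHHHHH", msg[:12])
        if an == 0:
            return None                  # refused, or banner hidden
        off = 12
        for _ in range(qd):
            off = skip_name(msg, off) + 4   # skip QTYPE + QCLASS
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        if rtype != 16 or rdlen < 1:
            return None
        slen = msg[off + 10]
        return msg[off + 11:off + 11 + slen].decode("ascii", "replace")
    except (IndexError, struct.error):
        return None                      # truncated or malformed reply

def classify(banner):
    """Apply the thread's rule: dnsmasq before 2.78 is likely vulnerable."""
    m = re.match(r"dnsmasq-(\d+)\.(\d+)", banner or "")
    if not m:
        return "unknown"                 # not dnsmasq, or no usable banner
    return "likely vulnerable" if (int(m[1]), int(m[2])) < (2, 78) else "fixed version"

def query_router(ip, timeout=3.0):  # ip: your own router's LAN address
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(), (ip, 53))
        return parse_banner(s.recvfrom(512)[0])

def sample_response(banner):
    """Constructed reply (not captured from a real device) for offline testing."""
    txt = bytes([len(banner)]) + banner.encode()
    rr = b"\xc0\x0c" + struct.pack(">HHIH", 16, 3, 0, len(txt)) + txt
    return struct.pack(">HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0) + build_query()[12:] + rr
```

Run `classify(query_router("192.168.0.1"))` against your own router. A result of "unknown" means the banner is hidden or is not dnsmasq, which a banner check cannot interpret either way.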

icepuffin
Contributor
4,428 Views
Message 4 of 100

Firmware fault on HUB 6 according to avast.


I use Avast and today I did an Avast Wi-Fi inspector check which found a fault with my BT HUB 6 – my latest firmware ends 522 which was downloaded in January 2018, so I believe I am on the latest update?

Avast had indicated that there is a vulnerability to attacks “dnsMasq heap buffer overflow”, it states the hub is using an older version of dnsmasq and needs updating, they say that version 2.78 fixed this, however I am in the hands of BT as I wouldn't know how to resolve this.

Is anyone else with Avast and also has a smart hub also getting this issue?

Are BT aware and dealing?

Distinguished Sage
Distinguished Sage
4,421 Views
Message 5 of 100

Re: Firmware fault on HUB 6 according to avast.


Using search you would find this similar https://community.bt.com/t5/BT-Devices/Avast-reports-smarthub-vulnerable-to-attack/m-p/1822124#M2379



icepuffin
Contributor
4,417 Views
Message 6 of 100

Re: Firmware fault on HUB 6 according to avast.


Sorry didn't see that, but reading it, no-one has replied with a solution or anything from BT to suggest they are dealing, unless again I have missed it.

icepuffin
Contributor
4,663 Views
Message 7 of 100

Re: Avast reports smarthub vulnerable to attack.


I have had the same issue, any update from BT or a moderator on this.

Monster432
Contributor
4,377 Views
Message 8 of 100

Re: Firmware fault on HUB 6 according to avast.


Hi everyone. I'm having the exact same issue, this is really worrying me. This seems like a huge security flaw and could potentially cause a lot of damage, is BT doing anything about it?

Monster432
Contributor
4,623 Views
Message 9 of 100

Re: Avast reports smarthub vulnerable to attack.


I'm having the exact same issue, can someone shed some light onto it?

icepuffin
Contributor
4,579 Views
Message 10 of 100

Re: Avast reports smarthub vulnerable to attack.


Could perhaps a moderator pass this onto BT staff, it would be nice to have some sort of answer as it is a bit concerning that the HUB 6 is vulnerable to attack and yet we are being ignored.
