Verizon Fixes FiOS Quantum Gateway Router Vulnerability


If you have Verizon FiOS Quantum Gateway G1100 router, then you need to update to its new version now.

The security researchers from Tenable found three vulnerabilities on FiOS Quantum Gateway router. The company said that it disclosed these security flaws to Verizon in December and Verizon had fixed the issues on March.

But still, there are some customers didn’t get the update automatically and waiting to still need a patch, said Verizon. If the router’s firmware is running on version then the user won’t need to take any action, they are up-to-date and safe from the vulnerabilities.

“We were recently made aware of three vulnerabilities related to login and password information on the Broadband Home Router Fios-G1100,” a Verizon spokesman said in a statement. “As soon as we were made aware of these vulnerabilities, we took immediate action to remediate them and are issuing patches.”

In the United States, Verizon’s FiOS Quantum Gateway routers are used in millions of homes and small businesses.

What are the Vulnerabilities?

Tenable security researcher Chris Lyne, published CVE’s.

CVE-2019-3914 – Authenticated Remote Command Injection
This vulnerability can be triggered by adding a firewall access control rule for a network object with a crafted hostname. An attacker must be authenticated to the device’s administrative web application in order to perform the command injection. In most cases, the vulnerability can only be exploited by attackers with local network access. However, an internet-based attack is feasible if remote administration is enabled; it is disabled by default.

CVE-2019-3915 – Login Replay
Because HTTPS is not enforced in the web administration interface, an attacker on the local network segment can intercept login requests using a packet sniffer. These requests can be replayed to give the attacker admin access to the web interface. From here, the attacker could exploit CVE-2019-3914.

CVE-2019-3916 – Password Salt Disclosure
An unauthenticated attacker is able to retrieve the value of the password salt by simply visiting a URL in a web browser. Given that the firmware does not enforce the use of HTTPS, it is feasible for an attacker to capture (sniff) a login request. The login request contains a salted password hash (SHA-512), so the attacker could then perform an offline dictionary attack to recover the original password.

You should check FiOS router settings to make sure it’s running firmware version 2.2.

“Routers are the central hub of every smart home today. They keep us connected to the corners of the internet, secure our homes and, even, remotely unlock doors,” Renaud Deraison, Tenable’s chief technology officer, said in a statement.

For the latest update about Cyber and Infosec World, follow us on Twitter, Facebook, Telegram , Instagram and subscribe to our YouTube Channel.

Subscribe to HackersOnlineClub via Email

Enter your Email address to receive notifications of Latest Posts by Email | Join over Million Followers

More from Priyanshu Sahay

Ad-honeypot-autodeploy Vulnerable Windows Domain For RDP Honeypot Automatically

Ad-honeypot-autodeploy- Deploy a small, intentionally insecure, vulnerable Windows Domain for RDP Honeypot...
Read More

Leave a Reply