Buggy software in popular connected storage drives can let hackers read private data

Safety researchers have discovered flaws in 4 common related storage drives that they are saying may let hackers entry a consumer’s personal and delicate information.

The researchers Paulos Yibelo and Daniel Eshetu stated the software program operating on three of the gadgets they examined — NetGear Stora, Seagate Residence and Medion LifeCloud — can enable an attacker to remotely learn, change and delete information with out requiring a password.

Yibelo, who shared the analysis with TechCrunch this week and posted the findings Friday, stated that many different gadgets could also be in danger.

The software program, Hipserv, constructed by tech firm Axentra, was largely accountable for 3 of the 4 flaws they discovered. Hipserv is Linux-based, and makes use of a number of net applied sciences — together with PHP — to energy the online interface. However the researchers discovered that bugs may allow them to learn recordsdata on the drive with none authentication. It additionally meant they might run any command they wished as “root” — the built-in consumer account with the very best stage of entry — making the info on the system weak to prying eyes or destruction.

We contacted Axentra for touch upon Thursday however didn’t hear again by the point of writing.

A Netgear spokesperson stated that the Stora is “now not a supported product… as a result of it has been discontinued and is an finish of life product.” Seagate didn’t remark by our deadline, however we’ll replace if that modifications. Lenovo, which now owns Medion, didn’t reply to a request for remark.

The researchers additionally reported a separate bug affecting WD My E-book Reside drives, which may enable an attacker to remotely achieve root entry.

A spokesperson for WD stated that the vulnerability report impacts gadgets initially launched in 2010 and discontinued in 2014, and “now not lined below our system software program assist lifecycle.” WD added: “We encourage customers who want to proceed working these legacy merchandise to configure their firewall to stop distant entry to those gadgets, and to take measures to make sure that solely trusted gadgets on the native community have entry to the system.”

In all 4 vulnerabilities, the researchers stated that an attacker solely must know the IP handle of an affected drive. That isn’t so tough nowadays, due to websites like Shodan, a search engine for publicly obtainable gadgets and databases, and related search and indexing providers.

Relying on the place you look, the variety of affected gadgets varies. Shodan places the quantity at 311,705, however ZoomEye places the determine at nearer to 1.eight million gadgets.

Though the researchers described the bugs in average element, they stated they haven’t any plans to launch any exploit code to stop attackers benefiting from the issues.

Their recommendation: In the event you’re operating a cloud drive, “make certain to take away your system from the web.”

Source

Facebook Comments