{"id":20867,"date":"2021-08-02T12:52:20","date_gmt":"2021-08-02T10:52:20","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=20867"},"modified":"2021-08-02T12:53:25","modified_gmt":"2021-08-02T10:53:25","slug":"authentifizierungsschwachstelle-cve-2021-20090-bei-arcadyan-basierten-routern-und-modems","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2021\/08\/02\/authentifizierungsschwachstelle-cve-2021-20090-bei-arcadyan-basierten-routern-und-modems\/","title":{"rendered":"Authentication Vulnerability CVE-2021-20090 in Arcadyan-based Routers and Modems"},"content":{"rendered":"<p><img decoding=\"async\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" width=\"200\" align=\"left\">[<a href=\"http:\/\/\/authentifizierungsschwachstelle-cve-2021-20090-bei-arcadyan-basierten-routern-und-modems\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]Routers and modems from the Taiwan-based manufacturer Arcadyan have a CVE-2021-20090 vulnerability that can be used to bypass authentication. The routers and modems are sold under many trade names by other manufacturers. <\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" alt=\"\" src=\"https:\/\/vg02.met.vgwort.de\/na\/23ab32d8dad5460599d5278352164f1d\" width=\"1\" height=\"1\">The vulnerability was discovered by Tenable and described in <a href=\"https:\/\/de.tenable.com\/security\/research\/tra-2021-13?tns_redirect=true\" target=\"_blank\" rel=\"noopener\">this document<\/a>. The CERT has meanwhile published <a href=\"https:\/\/kb.cert.org\/vuls\/id\/914124\" target=\"_blank\" rel=\"noopener\">this security advisory<\/a> for the vulnerability CVE-2021-20090 as of July 20, 2021.<\/p>\n<p>A path traversal vulnerability (CVE-2021-20090) exists in numerous routers from various vendors that use the Arcadyan-based firmware. This vulnerability allows an unauthenticated user to access sensitive information that is normally protected, and now allows a change to the router configuration.<\/p>\n<p>If this vulnerability is successfully exploited, an attacker can access pages that would otherwise require authentication. An unauthenticated attacker could gain access to sensitive information, including valid request tokens that could be used to make requests to change router settings.<\/p>\n<p>The security researcher who discovered the vulnerability initially assumed it was limited to one router vendor and published his findings, but then discovered the problem exists in Arcadyan-based software used in routers from multiple vendors. Tenable has this list of affected devices:<\/p>\n<div style=\"width: 640px; overflow-y: scroll\">\n<table style=\"border-top-style: none; font-size: 10pt; font-family: arial; width: 813px; table-layout: fixed; border-bottom-style: none; border-right-style: none; border-left-style: none\" dir=\"ltr\" height=\"878\" cellspacing=\"0\" cellpadding=\"0\" border=\"1\" xmlns=\"http:\/\/www.w3.org\/1999\/xhtml\">\n<colgroup>\n<col width=\"183\">\n<col width=\"241\">\n<col width=\"168\"><\/colgroup>\n<tbody>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Vendor&quot;}\"><span style=\"text-decoration: underline\"><strong><code>Vendor<\/code><\/strong><\/span><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Device&quot;}\"><span style=\"text-decoration: underline\"><strong><code>Device<\/code><\/strong><\/span><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Found on version&quot;}\"><span style=\"text-decoration: underline\"><strong><code>Found on version<\/code><\/strong><\/span><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ADB&quot;}\"><code>ADB<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ADSL wireless IAD router&quot;}\"><code>ADSL wireless IAD router<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.26S-R-3P&quot;}\"><code>1.26S-R-3P<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Arcadyan&quot;}\"><code>Arcadyan<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ARV7519&quot;}\"><code>ARV7519<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;00.96.00.96.617ES&quot;}\"><code>00.96.00.96.617ES<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Arcadyan&quot;}\"><code>Arcadyan<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;VRV9517&quot;}\"><code>VRV9517<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;6.00.17 build04&quot;}\"><code>6.00.17 build04<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Arcadyan&quot;}\"><code>Arcadyan<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;VGV7519&quot;}\"><code>VGV7519<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;3.01.116&quot;}\"><code>3.01.116<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Arcadyan &quot;}\"><code>Arcadyan<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;VRV9518&quot;}\"><code>VRV9518<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.01.00 build44&quot;}\"><code>1.01.00 build44<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ASMAX&quot;}\"><code>ASMAX<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;BBR-4MG \/ SMC7908 ADSL&quot;}\"><code>BBR-4MG \/ SMC7908 ADSL<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:3,&quot;3&quot;:0.08}\"><code>0.08<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ASUS &quot;}\"><code>ASUS<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;DSL-AC88U (Arc VRV9517)&quot;}\"><code>DSL-AC88U (Arc VRV9517)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.10.05 build502&quot;}\"><code>1.10.05 build502<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ASUS &quot;}\"><code>ASUS<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;DSL-AC87VG (Arc VRV9510)&quot;}\"><code>DSL-AC87VG (Arc VRV9510)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.05.18 build305&quot;}\"><code>1.05.18 build305<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ASUS &quot;}\"><code>ASUS<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;DSL-AC3100&quot;}\"><code>DSL-AC3100<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.10.05 build503&quot;}\"><code>1.10.05 build503<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ASUS &quot;}\"><code>ASUS<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;DSL-AC68VG&quot;}\"><code>DSL-AC68VG<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;5.00.08 build272&quot;}\"><code>5.00.08 build272<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Beeline&quot;}\"><code>Beeline<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Smart Box Flash&quot;}\"><code>Smart Box Flash<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.00.13_beta4&quot;}\"><code>1.00.13_beta4<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;British Telecom&quot;}\"><code>British Telecom<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;WE410443-SA&quot;}\"><code>WE410443-SA<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.02.12 build02&quot;}\"><code>1.02.12 build02<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Buffalo&quot;}\"><code>Buffalo<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;WSR-2533DHPL2&quot;}\"><code>WSR-2533DHPL2<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:3,&quot;3&quot;:1.02}\"><code>1.02<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Buffalo&quot;}\"><code>Buffalo<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;WSR-2533DHP3&quot;}\"><code>WSR-2533DHP3<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:3,&quot;3&quot;:1.24}\"><code>1.24<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Buffalo&quot;}\"><code>Buffalo<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;BBR-4HG&quot;}\"><code>BBR-4HG<\/code><\/td>\n<td>&nbsp;<\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Buffalo&quot;}\"><code>Buffalo<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;BBR-4MG&quot;}\"><code>BBR-4MG<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;2.08 Release 0002&quot;}\"><code>2.08 Release 0002<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Buffalo&quot;}\"><code>Buffalo<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;WSR-3200AX4S&quot;}\"><code>WSR-3200AX4S<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:3,&quot;3&quot;:1.1}\"><code>1.1<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Buffalo&quot;}\"><code>Buffalo<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;WSR-1166DHP2&quot;}\"><code>WSR-1166DHP2<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:3,&quot;3&quot;:1.15}\"><code>1.15<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Buffalo&quot;}\"><code>Buffalo<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;WXR-5700AX7S&quot;}\"><code>WXR-5700AX7S<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:3,&quot;3&quot;:1.11}\"><code>1.11<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Deutsche Telekom&quot;}\"><code>Deutsche Telekom<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Speedport Smart 3&quot;}\"><code>Speedport Smart 3<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;010137.4.8.001.0&quot;}\"><code>010137.4.8.001.0<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;HughesNet&quot;}\"><code>HughesNet<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;HT2000W&quot;}\"><code>HT2000W<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;0.10.10&quot;}\"><code>0.10.10<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;KPN&quot;}\"><code>KPN<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;ExperiaBox V10A (Arcadyan VRV9517)&quot;}\"><code>ExperiaBox V10A (Arcadyan VRV9517)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;5.00.48 build453&quot;}\"><code>5.00.48 build453<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;KPN&quot;}\"><code>KPN<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;VGV7519&quot;}\"><code>VGV7519<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;3.01.116&quot;}\"><code>3.01.116<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;O2&quot;}\"><code>O2<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;HomeBox 6441&quot;}\"><code>HomeBox 6441<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.01.36&quot;}\"><code>1.01.36<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Orange&quot;}\"><code>Orange<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;LiveBox Fibra (PRV3399)&quot;}\"><code>LiveBox Fibra (PRV3399)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;00.96.00.96.617ES&quot;}\"><code>00.96.00.96.617ES<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Skinny&quot;}\"><code>Skinny<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Smart Modem (Arcadyan VRV9517)&quot;}\"><code>Smart Modem (Arcadyan VRV9517)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;6.00.16 build01&quot;}\"><code>6.00.16 build01<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;SparkNZ&quot;}\"><code>SparkNZ<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Smart Modem (Arcadyan VRV9517)&quot;}\"><code>Smart Modem (Arcadyan VRV9517)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;6.00.17 build04&quot;}\"><code>6.00.17 build04<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Telecom (Argentina)&quot;}\"><code>Telecom (Argentina)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Arcadyan VRV9518VAC23-A-OS-AM&quot;}\"><code>Arcadyan VRV9518VAC23-A-OS-AM<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.01.00 build44&quot;}\"><code>1.01.00 build44<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;TelMex&quot;}\"><code>TelMex<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;PRV33AC&quot;}\"><code>PRV33AC<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.31.005.0012&quot;}\"><code>1.31.005.0012<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;TelMex&quot;}\"><code>TelMex<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;VRV7006&quot;}\"><code>VRV7006<\/code><\/td>\n<td>&nbsp;<\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Telstra&quot;}\"><code>Telstra<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Smart Modem Gen 2 (LH1000)&quot;}\"><code>Smart Modem Gen 2 (LH1000)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;0.13.01r&quot;}\"><code>0.13.01r<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Telus&quot;}\"><code>Telus<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;WiFi Hub (PRV65B444A-S-TS)&quot;}\"><code>WiFi Hub (PRV65B444A-S-TS)<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;v3.00.20&quot;}\"><code>v3.00.20<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Telus&quot;}\"><code>Telus<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;NH20A&quot;}\"><code>NH20A<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.00.10debug build06&quot;}\"><code>1.00.10debug build06<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Verizon&quot;}\"><code>Verizon<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Fios G3100&quot;}\"><code>Fios G3100<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;1.5.0.10&quot;}\"><code>1.5.0.10<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Vodafone&quot;}\"><code>Vodafone<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;EasyBox 904&quot;}\"><code>EasyBox 904<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:3,&quot;3&quot;:4.16}\"><code>4.16<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Vodafone&quot;}\"><code>Vodafone<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;EasyBox 903&quot;}\"><code>EasyBox 903<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;30.05.714&quot;}\"><code>30.05.714<\/code><\/td>\n<\/tr>\n<tr>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;Vodafone&quot;}\"><code>Vodafone<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;EasyBox 802&quot;}\"><code>EasyBox 802<\/code><\/td>\n<td data-sheets-value=\"{&quot;1&quot;:2,&quot;2&quot;:&quot;20.02.226&quot;}\"><code>20.02.226<\/code><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/div>\n<p>The CERT\/CC recommends updating the router to the latest available firmware version. It is also recommended to disable the remote administration services (WAN side) on each SoHo router and also disable the web interface on the WAN.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Routers and modems from the Taiwan-based manufacturer Arcadyan have a CVE-2021-20090 vulnerability that can be used to bypass authentication. The routers and modems are sold under many trade names by other manufacturers.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[448,580],"tags":[587,69],"class_list":["post-20867","post","type-post","status-publish","format-standard","hentry","category-devices","category-security","tag-router","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/20867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=20867"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/20867\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=20867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=20867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=20867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}