Check Point Software Technologies released its findings of Misfortune Cookie, a critical vulnerability that allows an intruder to remotely take over a residential gateway device and use it to attack the devices connected to it.
Researchers in Check Point’s Malware and Vulnerability Research Group uncovered a vulnerability present on millions of residential gateway (SOHO router) devices from different models and makers. This severe vulnerability allows an attacker to remotely take over a gateway device with administrative privileges.
To date, researchers have distinctly detected at least 12 million readily exploitable devices connected to the Internet across the globe, making this one of the most widespread vulnerabilities revealed in recent years.
If undiscovered, an attacker could take control of millions of routers around the world, and use that access to control and steal data from the wired and wireless devices connected to the network.