Router Vulnerability Present for a Decade
Why IoT Supply Chain Is to Blame
The discovery of shared libraries used across a number of devices has led to one persistent vulnerability being present in routers provided by at least 13 ISPs across 11 countries. Discovered by Tenable researchers, CVE-2021-20090 is a path traversal vulnerability which allows an attacker to bypass authentication to the web interface, and could be leveraged to access other devices on a home or corporate network.
In this whitepaper you can learn more about the vulnerability and how it was discovered, what its impact could be upon exploit and how this issue in shared libraries can be better prevented in the future:
- How this vulnerability was present in Arcadyan's code for many years and used in thousands of routers
- How many ISPs and router devices are affected
- Which steps can be taken to make vulnerabilities better detected in shared libraries
Tenable One
Request a demo
The world’s leading AI-powered exposure management platform.
Thank You
Thank you for your interest in Tenable One.
A representative will be in touch soon.
Form ID: 7469
Form Name: one-eval
Form Class: c-form form-panel__global-form c-form--mkto js-mkto-no-css js-form-hanging-label c-form--hide-comments
Form Wrapper ID: one-eval-form-wrapper
Confirmation Class: one-eval-confirmform-modal
Simulate Success