Fios G3100 Router CVE-2021-20090 Flaw
Read that the G3100 with firmware 2.0.0.6 requires an update to address a web access flaw. Anything on when the firmware will be updated? https://www.tomsguide.com/news/arcadyan-router-malware
The firmware update will be pushed automatically over a certain period of time once it is ready.
For now, there are several existing remedies that may address the security vulnerability.
1) WAN Remote Administration over Port 443 is disabled by default. Attackers should not be able to initiate an HTTP request to the router at all. If you have Remote Administration enabled, please disable it in the Remote Administration menu under the Advanced settings. The security vulnerability seems to surround the web-based administrative interface. Disabling the web admin interface on WAN should be a prime remedy.
2) WAN ICMP Echo and Traceroute over UDP are enabled by default. To keep your router stealthy over the Internet, you should disable them as well in the same menu as above.
3) Each device on your network should have a host-based firewall enabled in addition to the firewall at your router. Once the router firewall is compromised from attack, the host-based firewall should start to block the attacker's traffic as the second line of defense.
I hope this helps.
The mitigation steps posted by Cang_Houusehold are helpful, thank you. However, they do not really protect the router, and this vulnerability is under active attack. When will Verizon have the firmware update available?
@VerizonFIOS4783 wrote: However, they do not really protect the router
The documented attack leverages the HTTP service. If the attacker cannot even access the HTTP service (i.e. remote administration disabled), how could the attacker launch an attack?
A new firmware 3.1.0.12 began rolling out last Tuesday, and will continue to the end of the month.
