6M Sky Routers Left Exposed to Attack for Nearly 1.5 Years

Pen Test Partners didn’t disclose the vulnerability after 90 days because it knew ISPs were struggling with a pandemic-increased network load as work from home became the new norm.

Sky, a U.K. broadband provider, left about 6 million customers’ underbellies exposed to attackers who could remotely sink their fangs into their home networks: a nice, soft attack surface left that way for nearly 18 months as the company tried to fix a DNS rebinding vulnerability in customers’ routers.

Pen Test Partners reported the problem to Sky Broadband – a broadband service offered by Sky UK in the United Kingdom – on May 11, 2020 … and then chased Sky for a repeatedly postponed update, the security firm said in a post.

The flaw could have affected customers who hadn’t changed the default admin password on their routers. As well, non-default credentials could have been brute-forced, according to Pen Test Partners. The vulnerability has now been fixed.

These are the affected model numbers:

Sky Hub 3 (ER110) Sky Hub 3.5 (ER115) Booster 3 (EE120) Sky Hub (SR101) Sky Hub 4 (SR203) Booster 4 (SE210)

While the last two router models were also

Read More: https://threatpost.com/6m-sky-routers-exposed-18-months/176483/