| #5. Posted at 03:58 AM on Feb 16th 2007 |
|
UberGerbil |
Based on the number of wide-open WiFi hotspots I see with SSID still set to "Linksys" I'm willing to bet there are a lot of routers out there with default passwords, too.
|
just brew it! |
Meh.
OK, I just went and changed my router password just to be safe. I've never bothered to change it from default before, since I always leave remote admin disabled. I probably wasn't vulnerable anyway, since I use the 10.0.x.x subnet for local IPs instead of the more common 192.168.x.x. I don't think I'd fall for a phishing scam, but other family members might. But better safe than sorry... |
|
axeman |
Is this really a router security flaw, or a security flaw in a browser? For a website to do this and open an "internal" website seems like a huge security issue, not just for people with routers.
If I visit a malicious web page at work, does this mean a hacker could manipulate websites on the corporate intranet? I can't see why not, if the situation in the article is right. Sounds like another browser issue/design flaw, not really a router flaw, though securing the web GUI for your router is probably a good idea. |
|
tempeteduson |
I wouldn't likely fall for the phishing, but I admit I only recently changed my password (before reading the story, of course). I've had the router for months now, relying on WEP security and the default password. Shameful, I know. I'll switch to WPA when I feel like it. ;)
|
Pax-UX |
This is easy enough for future firmwares to fix... initially all IPs redirect to the firewall's admin page. User enters default PWD and is forced to set up a new password + SSID.
|
blitzy |
One way to avoid this would be to ship routers with a running profile that has a randomly assigned password, and you put a sticker with that password on the router before it's shipped. But obviously that's after the fact and adds complication. I can see why manufacturers would want to avoid such a thing, and rightly so.
Ultimately it comes down to users putting a secure password on the router, and avoiding questionable websites. Not likely, huh. |
|
blitzy |
Do they think they're smart coming up with this? It's a blatantly obvious hack; if the thought hasn't crossed your mind after looking at a router's web config page then you aren't up with the play.
The HTTP interfaces of different brands of router are different, so the structure and commands used to reconfig one router would be completely different from another. It would be a very elaborate hack to expose every brand and model of router. This also relies on the fact that the user is going to visit a questionable website to be exposed to such an attack. |