Advanced JavaScript Attack Tthreatens SOHO Routers

June 19, 2012 By The Vigilant Application Owner

Dark Reading – (International) Advanced JavaScript attack threatens SOHO routers. A technique for sending requests to devices on an internal network could be used by online attackers to compromise home and small-business routers, according to two AppSec Consulting researchers who plan to demonstrate the attack at the Black Hat security conference in July. The two researchers build on a technique demonstrated at the Black Hat conference in 2006, using a combination of JavaScript and cross-site request forgery to send requests to devices on an internal network from an external Web site. “With this attack, you can actually start compromising network devices with little to zero user intervention,” said one of the researchers.