Trend Micro News

Hackers Exploit Vulnerability Targeting Routers and Modems Running Arcadyan Firmware

Hackers Exploit Vulnerability Targeting Routers and Modems Running Arcadyan Firmware

Hackers Exploit Vulnerability Targeting Routers and Modems Running Arcadyan Firmware

Almost immediately after being disclosed publicly, a vulnerability with routers running Arcadyan firmware has been exploited by hackers, potentially affecting millions of home routers.

Although this vulnerability was disclosed to router manufacturers in April, it was made public on August 3. There have been reports of hackers actively attacking these compromised routers since.

What is the issue?


The vulnerability, referred to as CVE-2021-20090, is a critical path traversal vulnerability in the web interfaces of routers with Arcadyan firmware. The vulnerability allows remote attackers to bypass authentication. This makes it possible for attackers to deploy Mirai botnet malicious payloads to affected devices.

Why should I be concerned?


This vulnerability can allow an unauthenticated remote attacker to take control of connected devices. Once this happens, the attacker can:

  • Manipulate your internet traffic
  • Gain access to sensitive information on your devices
  • Alter router settings to make your network more vulnerable

Because not a lot of people are even aware of this security risk and people do not change their routers very frequently, this vulnerability presents a very serious problem for many.

How to check if your router is affected


Here is the list of confirmed devices affected by this vulnerability:

ManufacturerDevice ModelAffected Firmware Version
ADBADSL wireless IAD router1.26S-R-3P
ArcadyanARV751900.96.00.96.617ES
ArcadyanARV751900.96.00.96.617ES
ArcadyanVRV95176.00.17 build04
ArcadyanVGV75193.01.116
ArcadyanVRV95181.01.00 build44
ASMAXBBR-4MG / SMC7908 ADSL0.08
ASUSDSL-AC88U (Arc VRV9517)1.10.05 build502
ASUSDSL-AC87VG (Arc VRV9510)1.05.18 build305
ASUSDSL-AC31001.10.05 build503
ASUSDSL-AC68VG5.00.08 build272
BeelineSmart Box Flash1.00.13_beta4
British TelecomWE410443-SA1.02.12 build02
BuffaloWSR-2533DHPL21.02
BuffaloWSR-2533DHP31.24
BuffaloBBR-4HG 
BuffaloBBR-4MG2.08 Release 0002
BuffaloWSR-3200AX4S1.1
BuffaloWSR-1166DHP21.15
BuffaloWXR-5700AX7S1.11
Deutsche TelekomSpeedport Smart 3010137.4.8.001.0
HughesNetHT2000W0.10.10
KPNExperiaBox V10A (Arcadyan VRV9517)5.00.48 build453
KPNVGV75193.01.116
O2HomeBox 64411.01.36
OrangeLiveBox Fibra (PRV3399)00.96.00.96.617ES
SkinnySmart Modem (Arcadyan VRV9517)6.00.16 build01
SparkNZSmart Modem (Arcadyan VRV9517)6.00.17 build04
Telecom (Argentina)Arcadyan VRV9518VAC23-A-OS-AM1.01.00 build44
TelMexPRV33AC1.31.005.0012
TelMexVRV7006 
TelstraSmart Modem Gen 2 (LH1000)0.13.01r
TelusWiFi Hub (PRV65B444A-S-TS)v3.00.20
TelusNH20A1.00.10debug build06
VerizonFios G31002.0.0.6
VodafoneEasyBox 9044.16
VodafoneEasyBox 90330.05.714
VodafoneEasyBox 80220.02.226

For more information, visit Tenable.

Secure Your Wi-Fi Router and Protect Your Home Network


Affected users should contact their respective vendors for update information and support. Ideally, a resolution will be available for all soon. However, this won’t stop hackers and threat actors from forever seeking new ways to compromise people’s security. To ensure your home network stays protected use Trend Micro Home Network Security.

The Home Network Security station is a device that connects to your home Wi-Fi router with an Ethernet cable. Once setup is complete, the station scans all traffic passing in and out of your home network, allowing it to prevent intrusions, block hacking attempts and web threats as well as protect your family’s privacy.

Home Network Security provides your home network with an essential extra layer of protection. Click the button below to learn more:

Button_HNS