cancel
Showing results for 
Search instead for 
Did you mean: 

HT200W Venerability in the wild

campotterbrook
New Poster

HT200W Venerability in the wild

Hughesnet's HT200W Modem/Router is listed as one of the vonerable routers discovered by Evan Grant of the security company Tenable.  Anyone who has access to an HT200W router's admin page (from inside your network or from the internet) can use an old trick called directory traversal to gain admin privileges and therefor access to your network.  

 

Tenable's list of known venerable routers:

https://www.tenable.com/security/research/tra-2021-13

 

I learned of this from the Naked Security podcast:

https://nakedsecurity.sophos.com/2021/08/10/home-and-small-business-routers-under-attack-how-to-see-...

 

I would have let tech support know privately had my attempts to reach tech support via hughesnet website's chat and email options not resulted in blank pages.    

4 REPLIES 4
MarkJFine
Associate Professor

Re: HT200W Venerability in the wild

Unless the user has a business account, the modem would not be able to become accessed due to the double-NAT network. Only business accounts can be accessed from outside the HN network.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
campotterbrook
New Poster

Re: HT200W Venerability in the wild

Mark,

Your responce is deeply concerning. I (perhaps all of us) would like to hear that you are aware of the venerability and are going to rollout a firmware update asap. Furthermore, instead of misinforming your customers of who is not effected,  you should be more clear about who is effected, how they are effected and what they can do to midigate exploitation. 

 

As I understand it, anyone with local access to any HT200W can gain full admin privileges to its network.  This is both residential and business accounts.  Additionally business accounts are venerable via the internet!  This hack is so simple that any child connected to the internet can gain access to your business' networks from anywhere in the world.  

 

PS:  Double-Nat is a major no-no and is one of your worst qualities.  

 

From one tech to another I suggest you take responsibility and try to help your customers instead of trying to dismiss a massive venerability.  

MarkJFine
Associate Professor

Re: HT200W Venerability in the wild

I'm not rolling out anything. I'm a customer, just like you. I am not misinforming anyone.

 

Feel free to continue to be alarmist, but frankly, if you're as technical as you claim, you need to think about what you're saying: Exactly how does one access the modem unless they're:

 

1. On your personal LAN via wifi or ethernet - not possible unless it's a member of your family; or the hacker is sitting on your driveway hacking into your wifi, which isn't that strong to begin with. If you're that good at security, you'd have all the Guest accounts turned off, are using WPA2, and have UPNP disabled to start with; as well as have changed all the default passwords.

 

2. Trying to access via the internet - not possible because of the double-NAT, which may be a major no-no for you, but is necessary because of the way a shared satellite system works, using remote ground stations, the satellite itself, and your terminal.

 

3. Access and intercept the data stream somewhere between the ground station to satellite or satellite to terminal links... and that's not bloody likely.

 

So as I've already said, the possibility of a residential customer getting hit is like 1 in 100 billion, and business customers are somewhat at risk, that is, provided they don't already have some kind of firewall already in place.

 

BTW: The terms are 'vulnerability', not 'venerability' and 'mitigate', not 'midigate'. Not to mention 'response', not 'responce'.


* Disclaimer: I am a HughesNet customer and not a HughesNet employee. All of my comments are my own and do not necessarily represent HughesNet in any way.
Danny89
Sophomore

Re: HT200W Venerability in the wild

Im sure they'll get a security patch out soon!

Just to put in my own two cents though about the security fear, it might be a powerful exploit, but we are on....HughesNet. Ive seen a goodly amount of people that seem like they shouldnt be on HughesNet(Or the competitor), or DishNetwork, or DirecTV, or whatever, but I dont think theres that many. But due to the nature of HughesNet customers...as Mark said, they'd have to be sitting in your driveway to have access, or be a master warbander(is that the term? WiFi hijacker) with an antennae that can connect to your wifi from 5 miles away. Kind of an amusing image to me, evil big city hackers ready to plunder bank accounts....riding out into the deep sticks. They are coming for my Steam Games! Or maybe they'll slowly watch Netflix on my 50GB of data

Still, sounds like a bad exploit that everyone that has the power to fix, needs to fix!