FritzBox and VoIP routers: Unsecured
The FritzBox is a fine wireless router and one of the first commercialized all-in-one device for domestic communications. You can access the Internet, but also plug your traditional handset to make phone calls over IP. The wireless router is a good one; Trusted Reviews recently gave it a 9 on 10 mark and stamped a TR Recommended label. Cool — but the device isn’t secured.
A blogger called Mazzoo affirmed an attacker can crash the VoIP application using a UDP packet with a zero length payload, because of an error in the firmware for the Fritz!Box Fon 7050 and other models, reports Heise Security.
And it won’t be solved tomorrow. Still according to the blogger, the discovered bug has been reported six months ago. AVM, the router manufacturer, should be alerted, but since then, hasn’t rolled out any updates yet. Some other routers might be at risk, adds Heise Security. And considering 2007 the year of VoIP hacking, it might be useful to be cautious.
Jan 22, 2007 | By Nuno