Talktalk Router Vulnerability says Avast

  Eargasm 19:48 03 Jan 2019
Locked
Answered

Running Windows 10, I have a TalkTalk Wi-Fi Hub5364, when I run ascan with my Avast Anti virus, it show a Network issue and says " Your Device is not configured correctly" " Service is Vulnerable to attacks from within your network". DNS : Device is Vulnerable to attacks.

Type DNS Port 53 Vulnerability ID CVE-2017-14491 When I check details from Avast it says " DNS Service is running an outdated DnsMasq software which is known to have a heap buffer overflow" Anyone have any ideas how to fix this issue ?. Thanks.

  qwbos 19:55 03 Jan 2019

Have you had a look on Avast and/or TalkTalk forums?

  Eargasm 20:01 03 Jan 2019

I've had a quick look plus a Google, I have yet to contact TalkTalk, some sites say look for a firmware upgrade to the router, but I can't find anything online, the router is a fairly new one, sent from TalkTalk 3 months ago when I upgraded my package. Interestingly, Avast offers me a " One Click" solution a "Secureline VPN" at £ 30 a year.

  davecartman 10:47 04 Jan 2019

Recently EE upgraded my brightbox and my Avast immediately began reporting the same problem. Avast insisted there was a problem but on contacting EE they insisted that the problem was with Avast and it was a false alert. Don't know if this helps but I am ignoring the Avast. The offer of a VPN I think is just a sales pitch and nothing to do with the other issue.

  Fruit Bat /\0/\ 11:10 04 Jan 2019

" Service is Vulnerable to attacks from within your network"

as long as its is OK from attacks from outside your network then I wouldn't worry too much if you are just running a home network.

  Eargasm 16:25 04 Jan 2019
Answer

Thanks for the replies Dave and Fruit Bat, it seems the router is protected, and it's a issue with Avast. I found this on the talktalk site.

Re-assuring to know that TalkTalk haven't updated the new routers! TalkTalk, don't you think you should get this sorted out? My security software identified this after scanning my hub.

'The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection by sending malformed DNS packets to the device. It allows the attacker to intercept connections and perform a traffic hijack, or execute arbitrary code with unrestricted privileges as well as access all important and private data stored on the device -- your device login/password combination, your Wi-Fi password, and your configuration data'

any response TalkTalk? Here was the reply...

Avast security software?

TalkTalk have determined that the Wi-Fi Hub is not vulnerable because of measures taken in firmware to protect against the DnsMasq intrinsic vulnerability. Your security software wouldn't be aware of the counter measures.

The next version of Wi-Fi Hub firmware has undergone TalkTalk trials and is due for more customer trials soon and, when released, will incorporate the updated DnsMasq software.

Thanks again to all who replied.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

How to watch the Huawei Mate 30 launch live: Munich, September 19

Pantone has invented 294 new colours

iOS 13 release date, time & new features

Google Pixel 4 : date de sortie, prix et autres rumeurs