JGrana
Very Senior Member
Interesting issue with an RT-AC68U running ASUS latest firmware....
A warning popped up today that said my router was "vulnerable".
In doing some looking around, I noticed a shell script that started after a reboot.
The script is in /usr/sbin. The name of the executable is usbtest.sh.
It's contents are (simply):
#!/bin/sh
rm -rf `find -name WARNING_YOU_ARE_VULNERABLE.txt`
Anyone see this (usbtest.sh) in their routers /usr/sbin directory?
I am out of town today, so I did not see the pop up first hand. My wife (very non technical) told me this comes up whenever she starts IE and it won't go away.
I will be home tomorrow, but in the mean time I ssh into a client (that had port forwarding of ssh), then telneted to the Asus RT-AC68U. I have been searching, but don't see the txt file it was trying to remove.
It might have already deleted it.
Hmmm....ideas?
thx
A warning popped up today that said my router was "vulnerable".
In doing some looking around, I noticed a shell script that started after a reboot.
The script is in /usr/sbin. The name of the executable is usbtest.sh.
It's contents are (simply):
#!/bin/sh
rm -rf `find -name WARNING_YOU_ARE_VULNERABLE.txt`
Anyone see this (usbtest.sh) in their routers /usr/sbin directory?
I am out of town today, so I did not see the pop up first hand. My wife (very non technical) told me this comes up whenever she starts IE and it won't go away.
I will be home tomorrow, but in the mean time I ssh into a client (that had port forwarding of ssh), then telneted to the Asus RT-AC68U. I have been searching, but don't see the txt file it was trying to remove.
It might have already deleted it.
Hmmm....ideas?
thx
