Applies to Avast One for Windows, Avast One for Mac, Avast Premium Security for Windows, Avast Free Antivirus for Windows, Avast Premium Security for Mac, Avast Security for Mac
This article explains how to resolve the issue if Network Inspector in Avast Antivirus shows the following alert:
- Affected by 'Misfortune Cookie' vulnerability
If you see the alert above after running a Network Inspector scan, your router contains a serious vulnerability that could allow an attacker to take control of your network. This makes all of the devices connected to your network vulnerable.
Solution
We recommend trying the possible solutions below in order:
Disable remote admin for your router
You can minimize the risks linked with this vulnerability by ensuring that the remote administration option in your router settings is disabled.
For instructions, refer to the Disable remote admin tab in the following article:
It is also necessary to update your router's firmware.
Update your router's firmware
Newer versions of your router's firmware may contain a fix for this issue. Routers do not typically run updates automatically, so you need to manually download and install any available updates.
Consult the documentation for your router model for instructions on how to download and install firmware updates. If updated firmware is not available, contact the manufacturer of your router to request that they provide a firmware update as soon as possible.
Below are links to the support pages for common router brands:
Apple | Asus | AT&T | Belkin | Cisco | Dell | D-Link | DrayTek | Eero | GL.iNET | Google | Huawei | Linksys | MicroTik | Motorola | NEC | NETGEAR | Sagem/Sagemcom | Speedefy | TP-Link | TRENDnet | Ubiquiti | UniFi | Vodafone | Zyxel
If you are unable to install a firmware update, we recommend replacing your router.
Further details
Your router contains the AllegroSoft RomPager Misfortune Cookie vulnerability.
The affected router is running an outdated version of the RomPager software from AllegroSoft, which is known to have an error within the HTTP cookie management mechanism. A remote attacker could exploit this vulnerability to send specially crafted HTTP cookies to the router, which are designed to corrupt the router memory, allowing the attacker to bypass your security and gain full administrator privileges. This potentially allows the attacker to perform any of the actions below:
- Infect your router and the devices on your network with malware.
- Access private data that is stored on your router, including your login credentials, Wi-Fi password, and configuration data.
Any devices that are connected to your network, including computers, phones, tablets, printers, and security cameras, are at risk.
You can find more information about this vulnerability via the references below:
Updated on: 02/06/2022