Some routers are susceptible to SNMP injection

Routers from major vendors have been identified as susceptible to a vulnerability known as SNMP injection. ProCheckUp surveyed devices from vendors such as Cisco, Proxim, 3Com and ZyXEL which were all found to be vulnerable.

Identified in ProCheckUp's 'ZyXEL Gateways Vulnerability Research' paper, it allows hackers to cause a persistent HTML injection condition on the web management console of several ZyXEL Prestige router models.

Provided that an attacker has guessed or cracked the write SNMP community string of a device, they would be able to inject malicious code into the administrative web interface by changing the values of OIDs (SNMP MIB objects) that are printed on HTML pages.