A security flaw discovered by researchers at Red Hat has been used to infect nearly all of the world’s public routers.
According to a report from the National Security Agency, the flaw allows an attacker to remotely remotely gain access to the router’s public IP address.
The flaw is called DHCPv220.127.116.11.0 and was first reported by Ars Technica.
This means that if an attacker manages to gain remote access to an existing DHCP server on the network, they can use it to hijack other devices’ traffic.
The Red Hat researchers discovered the vulnerability in December 2016 and have been working to patch it since then.
The patch was released in May, but it only patched one of the three main versions of the DHCPv4 protocol.
The vulnerability is described in detail in a paper by the Red Hat team that was published in May 2017.
The paper notes that the vulnerability is particularly important because the vulnerability allows attackers to hijacking other devices to connect to a network.
It also explains how the vulnerability works:When a DHCP server is configured with an IP address of 192.168.0.*, an attacker can gain access by using the server’s DHCPv1.1 public address to connect directly to the device.
The attacker then uses the device’s network traffic to connect via the same DHCPv2.1 to the target device.
Once the attacker connects to the affected device, the attacker can hijack the device via DHCPv0.0, using the target’s IP address to access the network.
To make things worse, the DHCP server’s default configuration is not configured to prevent the DHCP client from using an IP to connect, which makes it easy for the attacker to hijak the DHCP router.
The researchers warn that they cannot provide a fix for the vulnerability, but they suggest that an attacker who has full access to a public IP should be able to connect remotely to the server and hijack all the devices on the LAN.
The paper recommends that enterprises take steps to ensure that they don’t allow DHCP clients to connect using public addresses.
It’s also recommended that enterprise-level networks implement a mechanism to prevent DHCP clients from connecting to devices using DHCPv5.
This is not the first time that Red Hat and other companies have been compromised by a public-facing DHCP flaw.
Last year, researchers at the company discovered a flaw in a tool called DHCPV4 that allowed attackers to remotely gain full access over a router’s network.
The tool had been installed on millions of routers worldwide, allowing attackers to perform a variety of attacks.
The latest vulnerability was found in the Redhat-branded Red Hat Edge router.