Dark Reading – (International) Advanced JavaScript attack threatens SOHO routers. A technique for sending requests to devices on an internal network could be used by online attackers to compromise home and small-business routers, according to two AppSec Consulting researchers who plan to demonstrate the attack at the Black Hat security conference in July. The two researchers build on a technique demonstrated at the Black Hat conference in 2006, using a combination of JavaScript and cross-site request forgery to send requests to devices on an internal network from an external Web site. “With this attack, you can actually start compromising network devices with little to zero user intervention,” said one of the researchers.
Source: http://www.darkreading.com/advanced-threats/167901091/security/attacksbreaches/240002367