There is a severe vulnerability in a lot of routers of various brands, models and software versions. The bug allows unauthenticated anonymous HTTP requesters from outside network (from WAN interface) to download configuration file from the router including its passwords to configuration web interface. Attackers massively abuse this vulnerability to gain access and change DNS servers that are used by the router as well as the computers behind it and they redirect high-profile and generally trusted web pages to malware or phishing sites.

Counts of vulnerable boxes per country

Current world map

Raw results (text file)

Trends in the world (delta maps)

Each map shows changes (increase is red and decrease green) since the first scan (20140518).

[ 20140612 | 20140715 | 20140807 | 20140918 | 20141031 | 20141124 ]

Country trend charts

[ BD | BL | BN | BE | BF | BG | BA | BB | BM | BO | BH | BJ | BT | BW | WS | BR | JE | BY | BZ | RU | RW | RS | RE | LU | RO | GT | GR | GP | JP | GG | GQ | GF | GE | GB | GA | SV | GI | GH | OM | JO | HR | HU | HK | HN | VE | PS | PT | PY | PA | PF | PG | PE | PK | PH | PL | EE | EG | ZA | EC | AL | VN | ZW | SA | ES | ME | MD | MG | MA | MC | UZ | MN | MK | MU | MT | MW | MV | MQ | MR | AU | UG | UA | MX | IL | FR | AX | FI | FJ | FO | NL | NO | NA | NC | NG | NZ | CK | CI | CH | CO | CN | CM | CL | CA | CZ | CY | CR | CU | SY | KG | KH | KN | KM | SK | SI | KW | SN | SM | KZ | SG | SE | SD | DO | DK | DE | YE | DZ | US | UY | TZ | LA | TW | TR | TM | LK | LI | TN | LT | TJ | LS | TH | TC | LY | VA | AE | AD | AF | IQ | IR | AM | IT | AO | AR | IM | AT | IN | LB | AZ | IE | ID | MY | QA | MZ | PR | ZM | KY | MF | MO | NE | NP | SZ | KR | LC | AG | IS | JM | GM | LV | KE | ST | KR | SC | LV | ML | CV | KR | DM | AG | GM | LV | ML | CV | KR | DM | YT | JM | LV | ML | CV | VG | YT | TG | IS | GM | LV | ML | CV ]