Avast gives false positive rom-0 vulnerabity of my router

[REDACTED]

Hi,

I have run the network scan and Avast claims that my router is infected and is vulerably to rom-0. But I have tried to access the router using http://192.168.1.1/rom-0 and I get a log in prompt if I am not logged in to the router and a 404 page if I am logged in.

This makes me feel that Avast is lying to me and I don't trust the claim that my router is infected either.

Kind regards,
Daniel

[Pondus]

I have run the network scan and Avast claims that my router is infected and is vulerably to rom-0.

I dont think avast say infected, just vulnerable .... you may post a screenshot


How to upgrade your router with the latest firmware or replace it completely
https://blog.avast.com/2014/11/13/network-security-4-how-to-upgrade-your-router-with-the-latest-firmware-or-replace-it-completely/

[REDACTED]

Avast is very clear that I have an infected router.

I have Avast with swedish language and therefore the first page is in Swedish. But I click on "Mer info" (More information) and when get the second page. The third attached image is when I scroll down the page.

Kind regards,
Daniel

[Pondus]

Avast is very clear that I have an infected router.

Jajamen grabben ... that is just the warning sign, if you read all the details (also google) you will see that rom-0 is a vulnerability not a infection

[REDACTED]

Avast also tells me that I'm vulerably to "VULN DLINK PHP AUTH BYPASS".

I have searched on the Internet about this and found these two pages:
http://forums.dlink.com/index.php?topic=23161.0
http://www.devttys0.com/wp-content/uploads/2010/12/dlink_php_vulnerability.pdf

I do have a D-Link DIR-615 router, but my router has revision H and the firmware is from 2012, after this vulnerability was found. And I have also tried the "proof of concept" URL:
http://192.168.1.1/bsc_lan.php?NO_NEED_AUTH=1&AUTH_GROUP=0

And it is clear that I don't have this vulnerabity in my router.

This gives me the impression that Avast tries to scare the shit out of me, but that everything is a big lie.

One other interresting thing. I have two computers, there one has updated Avast today and one which is not updated today. When I run the network test on the computer which is updated today, I get the alarms that the router has the rom-0 vulnerabity, the d-link vulnerabity and that the router is infected. When I run the network test on the other computer which also claims that all parts of Avast on that computer is updated, I don't get any alarms at all. Avast on that computer says that my network is safe and clean. That doesn't make sense at all!

Kind regards,
Daniel

[REDACTED]

Avast is very clear that I have an infected router.

Jajamen grabben ... that is just the warning sign, if you read all the details (also google) you will see that rom-0 is a vulnerability not a infection

Look at the third image. It says "Avast Home Network Security Alerts:" and "Your router is infected". And a red exclamation mark at the left.

Maybe Avast is saying: "This software checks for these vulnerabibilities" but if so, they are saying that in a very stupid way. When I read "Your router is infected", I actually belive that my router is infected!