An analysis of hundreds of publicly available firmware images for routers, DSL modems, VoIP phones, IP cameras and other embedded devices uncovered high-risk vulnerabilities in a significant number of them, pointing to poor security testing by manufacturers.
The study was performed by researchers from the Eurecom research center in France and Ruhr-University Bochum in Germany, who built an automated platform capable of unpacking firmware images, running them in an emulated environment and starting the embedded Web servers that host their management interfaces.
