Fixing the "Lookup Vulnerability Failure" problem (Arris / TG1672G)

Note: If you cannot fix the problem after you follow these instructions, maybe we can help. Get help from RouterCheck Support.

---

---

Understanding the "Lookup Vulnerability Failure" problem

Computer security experts around the world are constantly testing consumer routers to look for potential vulnerabilities. When they find a vulnerability, they contact the router vendor and provide them with enough information so that they can fix the problem, hopefully in the next release of the router software. Note: the software that runs on a router is typically called "firmware" After waiting a bit of time to allow the vendor to fix the problem, the security expert makes his findings public to alert others of the potential dangers out there. This is standard practice in the industry, and people agree that the system works well.

If RouterCheck says that it looked up a vulnerability for your router, it means that the vulnerability was found for your router's model in a database of known vulnerabilities. Whether your router in particular is vulnerable to this problem depends on certain factors: the most important being the version of the firmware. Firmware is the term for the software that runs on your router. Before you do anything, determine the version of the firmware that you're running. This can typically be done by looking at the router's configuration page - the version number for the firmware is often displayed prominently. You'll then need to read the text of the vulnerability that RouterCheck found. If the firmware you're running is more recent than the firmware in the vulnerability, you're often safe.

What is the risk of not fixing this problem?

Unfortunately, disclosing a vulnerability to the public also provides an alert to hackers that there are hundreds of thousands, if not millions of vulnerable routers out there. You might feel that even if your router has a known vulnerability, it's okay because "How are they ever going to find me?" Unfortunately, finding a router with a vulnerability is perhaps easier than you might think.

As an example - in the winter of 2014, a security researcher found a very significant problem with many router models that he called "Misfortune Cookie". The media reported on this problem and claimed that there were over 12 million routers out there that were susceptable to the problem. Where did a number like 12 million come from? Simple - it came from the researcher who scanned the entire internet looking for routers with this problem, and he found 12 million of them. If a security researcher can find that many vulnerable routers, the hackers can't be that far behind.

So what's the real risk to you if you have some known vulnerability?. It's hard to say - actually it depends on the vulnerability found. Some vulnerabilities are just really bad annoyances - others allow the takeover of your entire network.

Vendor Documentation

Often, it's a good idea to look through the router's documentation to learn how to fix problems. Go to the vendor's support site where you can download documentation.

---

How to fix the "Lookup Vulnerability Failure" problem

Unfortunately, there's only one way to fix a problem with a router that has a vulnerability enbedded in it's firmware. You'll need to update the firmware, assuming that a newer version exists that fixes your problem.

The thought of updating a device's firmware sounds very intimidating to many people, but that's really not necessary. Most vendors make the process fairly simple, so there's nothing to be scared of. You can learn more here: Learn how to load new firmware onto your router