📚 This Chinese Router Is Depressingly Insecure and Downright Evil
💡 Newskategorie: IT Security
🔗 Quelle: news.softpedia.com
A Wi-Fi router manufactured and sold only in China by BHU contains so many security holes that you're looking for trouble just by exposing it to the Internet. The BHU router, whose name translates to "Tiger Will Power," has a long list of security weaknesses, which when all put together, might lead someone to think that this router is as broken as any router they'll ever see in their entire lifetime. Router fails miserably at authentication First and foremost, the router's creators don't know to implement a proper user authentication system. An attacker doesn't need to search for an authentication bypass for long, but if you take IOActive's word, he only has to choose from four methods, which all grant him access to the router's admin account. An attacker authenticating on the router can use a hardcoded session ID (SID) value of 700000000000000 to gain admin privileges. If he misspell... ...