Full Disclosure mailing list archives
Re: Vulnerabilities in Transcend Wi-Fi SD Card
From: Joey Kelly <joey () joeykelly net>
Date: Mon, 27 Mar 2017 18:54:37 -0400
On 03/26/2017 04:43 PM, MustLive wrote:
> Brute Force (WASC-11): There is no protection against BF attacks in the admin panel 192.168.11.254, because Basic Authentication is used. It is unlikely that the owner will change the login and password for the admin panel. But if they do change them, they can still be picked up.
This conflates two issues, and anyhow, Basic Authentication is not a problem (Digest won't be any more secure than Basic, if SSL is used... is it present?).
> Cross-Site Request Forgery (WASC-09): There are CSRF vulnerabilities in the admin panel. Such as this one: in the login process there is no CAPTCHA, so besides the lack of protection against BF, a CSRF attack can also be made. It's possible to remotely enter the admin panel (with the default login and password) for conducting further CSRF attacks.
CAPTCHA has nothing to do with CSRF. Neither do default credentials.

--
Joey Kelly
Minister of the Gospel and Linux Consultant
http://joeykelly.net
504-239-6550

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
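Added illustration of the two points made in the reply above; this is example code written for this archive page, not code from the thread or from the device vendor. It shows a brute-force control that is the same whether Basic or Digest authentication is in use, and a CSRF control that relies on an Origin check and a per-session token rather than a CAPTCHA. Only the admin panel address comes from the advisory; the lockout thresholds, the AdminGuard class and its in-memory session store are constructed assumptions.

```python
import base64
import hmac
import secrets
from dataclasses import dataclass, field

ADMIN_ORIGIN = "http://192.168.11.254"  # admin panel address quoted in the advisory
MAX_FAILURES = 5       # constructed policy: lock a source after 5 failed logins
LOCKOUT_SECONDS = 300  # constructed policy: lockout duration in seconds

def basic_header(user, password):
    # Authorization header value exactly as a browser builds it for Basic Auth.
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

@dataclass
class AdminGuard:  # hypothetical server-side guard, not the device's firmware
    password: str
    failures: dict = field(default_factory=dict)  # source ip -> (count, last failure time)
    sessions: dict = field(default_factory=dict)  # session id -> per-session CSRF token

    def check_basic_auth(self, src_ip, authorization, now):
        # Brute-force control is a server-side policy, independent of the auth scheme.
        # A locked source is refused before the credential is compared at all.
        count, last = self.failures.get(src_ip, (0, 0.0))
        if count >= MAX_FAILURES and now - last < LOCKOUT_SECONDS:
            return "locked"
        try:
            scheme, encoded = authorization.split(" ", 1)
            _, _, supplied = base64.b64decode(encoded, validate=True).decode().partition(":")
        except ValueError:  # malformed header, bad base64 or non-UTF-8 payload
            scheme, supplied = "", ""
        if scheme != "Basic" or not hmac.compare_digest(supplied.encode(), self.password.encode()):
            self.failures[src_ip] = (count + 1, now)
            return "denied"
        self.failures.pop(src_ip, None)
        return "ok"

    def issue_session(self):
        # After a successful login, bind a fresh random CSRF token to the session.
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = secrets.token_urlsafe(16)
        return sid, self.sessions[sid]

    def check_state_change(self, cookie_sid, origin, token):
        # Browsers attach cookies and cached Basic Auth credentials on their own, so a
        # valid login proves nothing about who built the request; a CAPTCHA would not
        # change that. Reject foreign Origins and require the same-origin-only token.
        expected = self.sessions.get(cookie_sid)
        if expected is None:
            return "no-session"
        if origin is not None and origin != ADMIN_ORIGIN:
            return "bad-origin"
        if token is None or not hmac.compare_digest(token.encode(), expected.encode()):
            return "bad-token"
        return "ok"
```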