Full Disclosure mailing list archives

Re: Vulnerabilities in Transcend Wi-Fi SD Card


From: Joey Kelly <joey () joeykelly net>
Date: Mon, 27 Mar 2017 18:54:37 -0400

On 03/26/2017 04:43 PM, MustLive wrote:
> Brute Force (WASC-11):
>
> There is no protection against BF attacks in admin panel 192.168.11.254,
> because Basic Authentication is used. It is unlikely that the owner will
> change the login and password for the admin panel. But if they do change
> them, they can be picked up.

This conflates two issues, and anyhow, Basic Authentication is not a
problem (Digest won't be any more secure than Basic, if SSL is used...
is it present?).
> Cross-Site Request Forgery (WASC-09):
>
> There are CSRF vulnerabilities in the admin panel. Such as this one: in the
> login process there is no captcha, so besides the lack of protection against
> BF, a CSRF attack can also be made. It's possible to remotely enter the admin
> panel (with the default login and password) for conducting further CSRF attacks.

CAPTCHA has nothing to do with CSRF. Neither do default credentials.


-- 
Joey Kelly
Minister of the Gospel and Linux Consultant
http://joeykelly.net
504-239-6550

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
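The two points Joey makes above (brute-force resistance is a control independent of whether Basic or Digest is used, and CSRF is defended by a per-session token rather than by a CAPTCHA) are easier to see in code. The following is an added example written for this archive page; it is not code from the advisory, from the reply, or from the card's firmware. The credentials, source addresses and the panel origin used in it are constructed placeholders, and the per-source failure counter and token check are assumed designs, not a description of how the device actually behaves.

```python
"""Added illustration: brute-force lockout and CSRF protection are layers
separate from the HTTP authentication scheme.

All names, credentials and request samples below are constructed for
this example and do not describe the Transcend device."""
import base64
import hmac
import secrets
from collections import defaultdict

# Constructed admin credentials (placeholder values for the example).
ADMIN_USER = "admin"
ADMIN_PASS = "example-password"

# Assumed lockout policy: after MAX_FAILURES failed attempts from one
# source address, further attempts are refused until the counter is reset.
MAX_FAILURES = 5
_failures = defaultdict(int)


def make_basic_header(user, password):
    """Build an 'Authorization: Basic ...' header value (client side)."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


def parse_basic(header):
    """Return (user, password) from a Basic header value, or None if the
    header is absent, uses another scheme, or is not valid base64."""
    if not header or not header.startswith("Basic "):
        return None
    try:
        raw = base64.b64decode(header[6:], validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = raw.partition(":")
    return (user, password) if sep else None


def check_basic_auth(source_ip, header):
    """Authenticate one request. Returns 'ok', 'unauthorized' or 'locked'.
    The scheme stays Basic; brute-force resistance comes from the
    per-source failure counter, which is an independent control."""
    if _failures[source_ip] >= MAX_FAILURES:
        return "locked"
    creds = parse_basic(header)
    if creds is None:
        _failures[source_ip] += 1
        return "unauthorized"
    user, password = creds
    # Constant-time comparisons, combined with '&' so both always run and
    # timing does not reveal which half was wrong.
    user_ok = hmac.compare_digest(user.encode(), ADMIN_USER.encode())
    pass_ok = hmac.compare_digest(password.encode(), ADMIN_PASS.encode())
    if user_ok & pass_ok:
        _failures[source_ip] = 0
        return "ok"
    _failures[source_ip] += 1
    return "unauthorized"


def reset_failures(source_ip):
    """Administrative reset of the lockout counter for one source."""
    _failures.pop(source_ip, None)


def issue_csrf_token():
    """Per-session secret embedded in the panel's own forms. A page on
    another origin cannot read it, so it cannot be included in a forged
    request; that, not a CAPTCHA, is what stops CSRF."""
    return secrets.token_urlsafe(32)


def check_csrf(session_token, submitted_token, origin, allowed_origin):
    """Accept a state-changing request only when it carries the session's
    token and the browser reports the panel's own Origin. A CAPTCHA would
    show a human is present, but a victim's browser can still be made to
    submit an attacker-crafted form; the token is what the attacker lacks."""
    if not session_token or not submitted_token:
        return False
    if not hmac.compare_digest(session_token.encode(), submitted_token.encode()):
        return False
    # Origin check as a second, independent signal.
    return origin == allowed_origin


if __name__ == "__main__":
    hdr = make_basic_header(ADMIN_USER, ADMIN_PASS)
    print(check_basic_auth("10.0.0.1", hdr))                   # ok
    for _ in range(MAX_FAILURES):
        check_basic_auth("10.0.0.2", make_basic_header("admin", "guess"))
    print(check_basic_auth("10.0.0.2", hdr))                   # locked
    tok = issue_csrf_token()
    print(check_csrf(tok, tok, "http://192.168.11.254", "http://192.168.11.254"))
```

Switching Basic to Digest would change nothing in either function: the lockout counter and the token check are what a reviewer should look for, while transport protection (TLS) is what keeps the Basic credentials themselves off the wire.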