Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. last official release 2010) has a path traversal vulnerability. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd. The SSID and plaintext password of the 2G and 5G Wi-Fi networks broadcast by the device.

Firmware 144

Firmware Internet Internet Passwords 144

SecureList

JUNE 8, 2022

Number of router vulnerabilities according to cve.mitre.org, 2010–2022 ( download ). Number of router vulnerabilities according to nvd.nist.gov, 2010–2022 ( download ). search for smart devices with the default password in the summer of last year revealed more than 27,000 hits, a similar search in April 2022 returned only 851.

DDOS 107

DDOS Passwords IoT Firmware 107

Malwarebytes

AUGUST 1, 2022

This web server is present in Arris firmware which can be found in several router models. last official release 2010) has a path traversal vulnerability. Unfortunately the Arris firmware is based on the vulnerable version of muhttpd. The SSID and plaintext password of the 2G and 5G Wi-Fi networks broadcast by the device.

Firmware 55

Firmware Internet Internet Passwords 55

SecureList

MAY 23, 2022

The following potential vectors of attacks on ISaGRAF-based devices have been identified: A remote unauthenticated attacker could execute privileged commands of the IXL service on devices with ISaGRAF Runtime versions released before 2010. A remote attacker could easily implement a password brute force attack in ISaGRAF Runtime.

Architecture 87

Architecture Authentication Passwords Encryption 87

Security Affairs

OCTOBER 20, 2018

CVE-2018-18472 – XXE and Unauthenticated Remote Command Execution in Axentra Hipserv NAS firmware. . It’s used in different devices from different vendors, the affected devices sharing the firmware are: Netgear Stora. The company provides a firmware with a web interface that mainly uses PHP as a serverside language.

Firmware 94

Firmware IoT VPN Authentication 94

Privacy and Cybersecurity Law

NOVEMBER 6, 2018

If the device is equipped with a “means for authentication outside a local area network, it shall be deemed a reasonable security feature” if either of the following security requirements are met: The reprogrammed password is unique to each device manufactured[;] or. Code § 1798.91.06(a)) Code § 1798.91.06(c))

IoT 45

IoT Cybersecurity Manufacturing Technology 45

Privacy and Cybersecurity Law

NOVEMBER 5, 2018

If the device is equipped with a “means for authentication outside a local area network, it shall be deemed a reasonable security feature” if either of the following security requirements are met: The reprogrammed password is unique to each device manufactured[;] or. Code § 1798.91.06(a)) Code § 1798.91.06(c))

IoT 45

IoT Cybersecurity Manufacturing Technology 45