Printed from http://www.electronista.com

MiFi hotspots easily hacked

updated 04:35 pm EST, Mon January 18, 2010

Novatel MiFi hotspots are vulnerable to attacks

A recent report has found that Novatel's MiFi mobile hotspot can too easily be compromised by hacks. As the MiFi doesn't require a valid session to change settings, researchers have found that they could locate a user over GPS or even cut a connection remotely.

The MiFi's GPS can also be accessed by anyone who simply visits a specific URL address, though the "victim" may get a login prompt when this happens. The device is also vulnerable to Cross-Site Request Forgery (CSRF), allowing certain websites to change the wireless settings of the MiFi.

Another issue is the lack of proper output encoding at various user input points in the interface, including the key field for the WiFi settings.

The providers who sell the MiFi device have reportedly been advised of the issues, but until a fix is issued, users should be aware of these vulnerabilities and should be aware visiting questionable websites may result in revealing their locations. The MiFi is sold by various providers, including Sprint and Verizon. [via Ngenuity]



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

JBL Synchros Reflect in-ear headphones

All headphones are not created equally, especially when it comes to use during vigorous activities or workouts. Over-the-ear headphone ...

Linksys WRT1200AC Wi-Fi Router

Once upon a time, a brand-new Linksys router showed up on our doorstep. So we gathered some network-minded friends together, and hooke ...

Rapoo A300 Mini Bluetooth NFC Speaker

The Rapoo Bluetooth Mini NFC Speaker is a little metallic box about the size of a baseball. In spite of its small size, we were very p ...

Advertisement

toggle

Most Commented

 
toggle

Popular News