Printed from http://www.electronista.com

MiFi hotspots easily hacked

updated 04:35 pm EST, Mon January 18, 2010

Novatel MiFi hotspots are vulnerable to attacks

A recent report has found that Novatel's MiFi mobile hotspot can too easily be compromised by hacks. As the MiFi doesn't require a valid session to change settings, researchers have found that they could locate a user over GPS or even cut a connection remotely.

The MiFi's GPS can also be accessed by anyone who simply visits a specific URL address, though the "victim" may get a login prompt when this happens. The device is also vulnerable to Cross-Site Request Forgery (CSRF), allowing certain websites to change the wireless settings of the MiFi.

Another issue is the lack of proper output encoding at various user input points in the interface, including the key field for the WiFi settings.

The providers who sell the MiFi device have reportedly been advised of the issues, but until a fix is issued, users should be aware of these vulnerabilities and should be aware visiting questionable websites may result in revealing their locations. The MiFi is sold by various providers, including Sprint and Verizon. [via Ngenuity]



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Samsung SmartCam HD Pro

Keeping an eye on the home while out and about these days is common practice, assisted by modern technology. Internet cameras became p ...

Fugoo Bluetooth speaker

It's rare to find a Bluetooth speaker that can cover a large array of needs. Generally, speakers are wrapped in a desktop-convenient d ...

Epson LW-600P

Label makers are traditionally simple machines that perform a single task which people feel they can either live with or without. In m ...

Sponsor

toggle

Most Commented

 
toggle

Popular News