Printed from http://www.electronista.com

MiFi hotspots easily hacked

updated 04:35 pm EST, Mon January 18, 2010

Novatel MiFi hotspots are vulnerable to attacks

A recent report has found that Novatel's MiFi mobile hotspot can too easily be compromised by hacks. As the MiFi doesn't require a valid session to change settings, researchers have found that they could locate a user over GPS or even cut a connection remotely.

The MiFi's GPS can also be accessed by anyone who simply visits a specific URL address, though the "victim" may get a login prompt when this happens. The device is also vulnerable to Cross-Site Request Forgery (CSRF), allowing certain websites to change the wireless settings of the MiFi.

Another issue is the lack of proper output encoding at various user input points in the interface, including the key field for the WiFi settings.

The providers who sell the MiFi device have reportedly been advised of the issues, but until a fix is issued, users should be aware of these vulnerabilities and should be aware visiting questionable websites may result in revealing their locations. The MiFi is sold by various providers, including Sprint and Verizon. [via Ngenuity]



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Logitech Hyperion Fury mouse

Selecting the correct gaming mouse comes down to finding a device that balances the needs of a user with a price they can afford. Ofte ...

Life n Soul BM211 Bluetooth speaker

Bluetooth speakers aren't only for listening to some music at the park or on a long bus ride, but can also be built with tablets in mi ...

Epson PowerLite Home Cinema 2030 projector

With high-definition televisions now the standard, 4K televisions becoming the next big thing, and plasma TVs going the way of the din ...

Sponsor

toggle

Most Commented

 
toggle

Popular News