Printed from http://www.electronista.com

MiFi hotspots easily hacked

updated 04:35 pm EST, Mon January 18, 2010

Novatel MiFi hotspots are vulnerable to attacks

A recent report has found that Novatel's MiFi mobile hotspot can too easily be compromised by hacks. As the MiFi doesn't require a valid session to change settings, researchers have found that they could locate a user over GPS or even cut a connection remotely.

The MiFi's GPS can also be accessed by anyone who simply visits a specific URL address, though the "victim" may get a login prompt when this happens. The device is also vulnerable to Cross-Site Request Forgery (CSRF), allowing certain websites to change the wireless settings of the MiFi.

Another issue is the lack of proper output encoding at various user input points in the interface, including the key field for the WiFi settings.

The providers who sell the MiFi device have reportedly been advised of the issues, but until a fix is issued, users should be aware of these vulnerabilities and should be aware visiting questionable websites may result in revealing their locations. The MiFi is sold by various providers, including Sprint and Verizon. [via Ngenuity]



By Electronista Staff
toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Plantronics Rig Surround 7.1 headset

Trying to capture the true soundscape of video games can be a daunting task. Looking to surround-sound home theater options, users hav ...

Kenu Airframe +

Simple, stylish and effective, the Kenu Aiframe + portable car mount is the latest addition to Kenu's lineup. Released earlier this ye ...

Adesso Compagno X Bluetooth keyboard

The shift from typing on physical keyboards to digital versions on smartphones and tablets hasn't been an easy for many consumers. Fro ...

Sponsor

toggle

Most Commented

 
toggle

Popular News