. home.aspx

NEWS

home.aspx
   


Nearly 20,000 Orange Modems Leaking Wi-Fi Passwords

December 24, 2018 / Phil Muncaster

Nearly 20,000 Orange modems are being targeted thanks to a vulnerability leaking their SSID and Wi-Fi passwords, researchers at Bad Packets have warned. The firm’s honeypots first picked up the attack traffic targeting Orange Livebox ADSL modems. After conducting a simple Shodan search, chief research officer, Troy Mursch found 19,490 such devices leaking their Wi-Fi credentials in plain text. In addition, over 2000 were not leaking information but still classed as exposed to the internet. “Many of the devices found to be leaking their WiFi password use the same password to administer the device (password reuse) or have not configured any custom password – so the factory default ‘admin/admin’ credentials are still applied,” he explained. “This allows any remote user to easily access the device and maliciously modify the device settings or firmware. In addition, they can obtain the phone number tied to the modem and conduct other serious exploit...