Over 19,000 Orange modems are leaking WiFi credentials
December 24, 2018 / Catalin Cimpanu
Over the weekend, a security researcher has discovered that nearly 19,500 Orange Livebox ADSL modems are leaking WiFi credentials. Troy Mursch, co-founder of Bad Packets LLC, says his company's honeypots have detected at least one threat actor scanning heavily for Orange modems. Scans started Friday, December 21, Mursch said. The attacker is exploiting a vulnerability affecting Orange LiveBox devices (CVE-2018-20377) that was first described in 2012. The vulnerability allows a remote attacker to obtain the WiFi password and network ID (SSID) for the modem's internal WiFi network just by accessing the modem's get_getnetworkconf.cgi. WHY THIS IS A VERY DANGEROUS FLAW. This can be dangerous in a variety of ways. First, it's dangerous because an attacker can use these details for on-location proximity hacks.