Opened 3 years ago

Closed 3 years ago

#17873 closed defect (fixed)

Security hole in wps setup

Reported by: anziolin@… Owned by: developers
Priority: highest Milestone:
Component: base system Version: Barrier Breaker 14.07
Keywords: vulnerability wps Cc:


Enabling wps options in wifi-iface section

'option wps_pushbutton 1'

causes the generation of an hostapd.conf line that enables a default pin to access the wifi network.

This is utterly wrong and insecure because:

  • there is no documentation
  • there should be no silent setting of a pin option
  • there should be no valid default setting for a pin option.

This is how I fixed the issue:

diff /rom/lib/netifd/ /lib/netifd/

< set_default wps_pin "12345670"
< append bss_conf "ap_pin=$wps_pin" "$N"

[ "$wps_pin" -gt 0 ] && append bss_conf "ap_pin=$wps_pin" "$N"

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by nbd

  • Resolution set to fixed
  • Status changed from new to closed

fixed in r42553, r42554

Add Comment

Modify Ticket

as closed .
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.