Modify

Opened 3 years ago

Closed 3 years ago

#17873 closed defect (fixed)

Security hole in wps setup

Reported by: anziolin@… Owned by: developers
Priority: highest Milestone:
Component: base system Version: Barrier Breaker 14.07
Keywords: vulnerability wps Cc:

Description

Enabling wps options in wifi-iface section

'option wps_pushbutton 1'

causes the generation of an hostapd.conf line that enables a default pin to access the wifi network.

This is utterly wrong and insecure because:

  • there is no documentation
  • there should be no silent setting of a pin option
  • there should be no valid default setting for a pin option.

This is how I fixed the issue:

diff /rom/lib/netifd/hostapd.sh /lib/netifd/hostapd.sh

293d292
< set_default wps_pin "12345670"
301c300
< append bss_conf "ap_pin=$wps_pin" "$N"
---

[ "$wps_pin" -gt 0 ] && append bss_conf "ap_pin=$wps_pin" "$N"

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by nbd

  • Resolution set to fixed
  • Status changed from new to closed

fixed in r42553, r42554

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.