Thursday, 22 September 2016

Got a BT Wi-Fi Extender 300? Time to upgrade the Firmware ASAP!

BT is urging folks to patch the firmware in its Wi-Fi Extender 300 following the discovery of multiple security flaws.

Security researchers at Pen Test Partners discovered vulnerabilities with the consumer-grade kit, including cross-site scripting and the ability to change a password without knowing it.

Pen Test Partners found it was possible to combine these flaws and exploit them to snatch a victim's WPA wireless network passphrase after tricking them into visiting a maliciously constructed webpage while connected to their home network.