Novatel To Patch Mifi Security Issue

Posted by Kallan Dahn Thursday, January 21, 2010

Novatel has announced they intend to release an patch for the popular Mifi 2200.  Recently it was discovered that settings in the device could be altered in the device via malicious code on a webpage.  The alterations to the settings would allow hackers to lock the owner out and keep them from accessing the router.  Novatel made it very clear that the only private data that could be aquired through this was GPS location information and only when the GPS is turned on, and only while on the website infected with the malicious code.  The exploit comes about due to Novatel intentionally allowing the device to be manipulated using CGI.  This allows developers to create web-based widgets for the device to assist users in modifying options with their unit.  Several of the settings, as a result, are offered openly from Novatel.  The settings that exploit the unit were not published, but are manipulated in the same style as the other settings available for developers.  Either way Novatel stresses that the moment you leave an infected website, the unit is no longer compromised. This hack leaves no Malware behind, and any data transmitted or received from the Mifi is secure.

Bookmark and Share

Related Articles



Post a Comment