Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time
Bastille Tracking Number 21
CVE-2017-9522
Overview
A vulnerability has been discovered that enables an attacker to connect to a Time Warner customer's Wi-Fi network, provided that the customer's gateway is using the default Wi-Fi credentials. This allows the attacker to access the Internet for free, and attribute any malicious activity to the Time Warner customer they are impersonating.
Affected Platforms
Technicolor TC8717T
Proof-of-Concept Details
The default Wi-Fi passphrase is a combination of the SSID and BSSID, making it trivial for an attacker to connect to a Time Warner customer's Wi-Fi network.
Default Wi-Fi credentials are configured as follows:
SSID: TC8717T66
Passphrase: TC8717T334466
BSSID: 00:11:22:33:44:55
By observing a beacon frame, which contains the SSID and BSSID, an attacker is able to generate the passphrase, and connect to the customer's private Wi-Fi network.
Test Environment
Technicolor TC8717T
Mitigation
Time Warner customers can mitigate this vulnerability by changing the Wi-Fi credentials on their gateway.
Recommended Remediation
Use default Wi-Fi credentials which are difficult for an attacker to guess.
Credits
Marc Newlin and Logan Lamb, Bastille
Chris Grayson, Web Sight.IO