Hacker News new | past | comments | ask | show | jobs | submit login
[dupe] Walmart Exclusive Wi-Fi Router Contains Backdoor to Control Devices (hfet.org)
288 points by wikus 60 days ago | hide | past | favorite | 13 comments




Comments merged thither. Thanks!


and you got downvoted for pointing it out


I've long since stopped trying to understand votes around here.


Here's their source, which actually contains details: https://cybernews.com/security/walmart-exclusive-routers-oth...



That original research only looked at one Wavlink router. This is the extended research with the help of two other researchers. And of course the attempted exploit from a malicious IP address which was detected only recently


The link should probably be updated to this one


Agreed. The submitter just created a HN account a few days ago and has only submitted posts to the same website as this is pointing to.


agree


All the (three?) articles about this gloss over whether/how this is remotely exploitable or whether you need to be on the local network. This would seem to be evidence that it is:

> Basically, the first IP address you see there – 222.141.xx.xxx, which comes from China – was trying to upload a malicious file on the router using the vulnerabilities.

Since when does a router respond to the whole world on port 80 by default?


I don't really like the way cybernews [0] is pushing the malicious narrative. There's a fairly large gap from "there is a security exploit being used in the wild" to "this exploit was intentional." This seems much more like the software equivalent of Chinesium.

This really reeks of corner-cutting and negligence. The only way around corner-cutting is to make it expensive and make "doing it right" the cheapest, most profitable way to build something. We can do that with hefty fines for retailers selling this garbage (I think there needs to be more onus on domestic businesses shoveling shit without smelling it first) and creating open hardware/software stacks that are easy to put in a box and sell for $20 on Amazon without hiring any software developers that could screw it up.

[0] https://cybernews.com/security/walmart-exclusive-routers-oth...


Damn I just bought the AX1500 from Walmart ugh




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: