Hacker News new | past | comments | ask | show | jobs | submit login
[dupe] Walmart Exclusive Wi-Fi Router Contains Backdoor to Control Devices (hfet.org)
288 points by wikus 60 days ago | hide | past | favorite | 13 comments

Comments merged thither. Thanks!

and you got downvoted for pointing it out

I've long since stopped trying to understand votes around here.

Here's their source, which actually contains details: https://cybernews.com/security/walmart-exclusive-routers-oth...

That original research only looked at one Wavlink router. This is the extended research with the help of two other researchers. And of course the attempted exploit from a malicious IP address which was detected only recently

The link should probably be updated to this one

Agreed. The submitter just created a HN account a few days ago and has only submitted posts to the same website as this is pointing to.


All the (three?) articles about this gloss over whether/how this is remotely exploitable or whether you need to be on the local network. This would seem to be evidence that it is:

> Basically, the first IP address you see there – 222.141.xx.xxx, which comes from China – was trying to upload a malicious file on the router using the vulnerabilities.

Since when does a router respond to the whole world on port 80 by default?

I don't really like the way cybernews [0] is pushing the malicious narrative. There's a fairly large gap from "there is a security exploit being used in the wild" to "this exploit was intentional." This seems much more like the software equivalent of Chinesium.

This really reeks of corner-cutting and negligence. The only way around corner-cutting is to make it expensive and make "doing it right" the cheapest, most profitable way to build something. We can do that with hefty fines for retailers selling this garbage (I think there needs to be more onus on domestic businesses shoveling shit without smelling it first) and creating open hardware/software stacks that are easy to put in a box and sell for $20 on Amazon without hiring any software developers that could screw it up.

[0] https://cybernews.com/security/walmart-exclusive-routers-oth...

Damn I just bought the AX1500 from Walmart ugh

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact