Who moved my camera Toshiba SD memory card (Nissan) has a logic vulnerability that can be attacked

Source: Internet
Author: User

Who moved my camera Toshiba SD memory card (Nissan) has a logic vulnerability that can be attacked

Who moved my camera-Toshiba SD memory card (Nissan) has a logic vulnerability that can be attacked
Today, the national shame day went to the mourning center at the left-side east Chiri-Chik tragedy in kazaqin, Chaoyang, Liaoning Province, and recorded some imaging materials. The result is ironic: We found our Nissan photographic equipment in a clean line, and tested it. A logic vulnerability can be attacked by hackers, stealing photos and modifying the configuration until they are decommissioned.
I performed an authorized penetration test on my photographic devices to demonstrate the existence of this general security vulnerability.

Tool Path: Remote
Attack complexity: high (but this does not prevent the problem)
Affected products: toshba FlashAir w-03 Wireless LAN WL-SD
Verification required: no verification required
Integrity: completely
Availability: completely
Confidentiality: completely


Toshiba sd (TOSHIBA FlashAir w-03 Wireless LAN WL-SD) memory card has a logical vulnerability, access to the network without verification can be copied to delete photos or even modify the SD card settings, the Master cannot access the product after the reset button is modified. Hackers can use this vulnerability to steal or delete photos and modify configuration files to invalidate and decommission photos.

When this product is used for the first time, although there is a warning that the SSID and network access password are modified, the network access password can be intercepted, at the same time, due to the lack of other similar product management interface user name and password verification mechanisms, resulting in the generation of logical vulnerabilities, resulting in all security policies are ineffective.


 

 

 

 

 

 

 

 

 

 



Cracked network password


 

 

 

 

 

 



Unauthorized direct access
 

 

 

 

 

 





Problem process analysis and rectification plan
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Solution:

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.