J-Security Center

Title: Multiple Wireless Routers Predictable Default WEP/WPA Key Security Bypass Vulnerability

Severity: CRITICAL

Description:

Multiple wireless routers are prone to a vulnerability that can allow an attacker to predict their default WEP/WPA encryption keys.

Specifically, the algorithm to generate default SSID and encryption key values is based on a hash of the device's serial number.

Attackers can exploit this issue to bypass authentication to an affected device, which can allow them to completely compromise the device or to gain access to the private network.

The following products are vulnerable:

- Thomson SpeedTouch
- BT Home Hub

Affected Products:

  • BT Home Hub
  • Thomson SpeedTouch

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.