EE have released a patch for their BrightBox routers which addresses some of the issues that I disclosed. Whilst the device now takes more care of user credentials and doesn't seem to be exploitable remotely, it remains vulnerable to CSRF. This potentially allows an attacker to change almost any configuration…
Tag: BrightBox
Total 2 Posts
Shortly after having my new fibre broadband installed, I discovered a method to permanently compromise the security of the BrightBox router provided by EE. After a brief period of traffic analysis, something I do to all new devices on my network, I had found that it is incredibly easy to…
