A security researcher has discovered that nearly 19,500 Orange Livebox ADSL modems are leaking WiFi credentials. Troy Mursch, co-founder of Bad Packets LLC, says his company’s honeypots have detected at least one threat actor scanning heavily for Orange modems, starting on Friday, December 21.
The attacker is exploiting a vulnerability affecting Orange LiveBox devices (CVE-2018-20377) that was first described in 2012. The vulnerability allows a remote attacker to obtain the WiFi password and network ID (SSID) for the modem’s internal WiFi network just by accessing the modem’s get_getnetworkconf.cgi.
Read more about the Orange modems leaking credentials on ZDNet.