The researchers discovered from SureCloud a gap in Google Chrome and Opera how to manage all of the saved passwords to access the control panel by default. Chrome saves the passwords we use to access the router's router management panel, and automatically puts them when we want to access them. However, the 192.168.1.1 form is an HTTP address, so the information in it is not encrypted. So an attacker can take advantage of this automatic password entry to enter the router to steal data and passwords with a simple click, which the user should be careful of.
This has become easier with the fact that many current routers are using a WiFi password to access the router. So if we store them in passwords in Google Chrome, an attacker can know the password directly without having to access the control panel and get a Wi-Fi password and contact it.
All Chromium-based browsers are affected by this vulnerability, including Chrome, Opera, Slimjet, Torch, and others. All HTTP routers are also affected by access to the control panel.
To execute the attack it is necessary to connect to the Wi-Fi network as described in the video below, after which the user will notice that the WiFi connection has suddenly been disconnected for a few seconds, after which you will be taken to a fake control panel page. By pressing any part, Attackers.
To protect yourself right now, what we can do is use a Chromium-based browser like Firefox or Edge to access the router, or open a Google Chrome incognito tab so that the password is not saved. We also recommend that you avoid saving passwords for any HTTP page, not just the router. Finally, it is also recommended that you change your default password to access the router's router board, and avoid connecting to open and insecure Wi-Fi networks.
تعليقات: 0
إرسال تعليق