Your WAP Is at Risk: A Vulnerability Analysis on Wireless Access Point Web-Based Management Interfaces
Table 3
Vulnerabilities per AP.
Vulnerability (severity)
ASUS
D-Link
Linksys
Netgear
TP-Link
Xiaomi
HTTP resp. splitting (H)
✓
HTTP smuggling (H)
✓✓
✓✓
✓
✓✓
Offline decryption (H)
✓
Outdated software (H)
✓✓
✓✓
✓✓✓
✓
✓
✓
Path traversal (H)
✓
✓
Replay (H)
✓
✓
Brute-force protection bypass (M)
✓
Clickjacking (M)
✓
✓
DoS (M)
✓
✓
✓
✓
✓
✓(H)
Improper auth. (M)
✓
Info leak (M)
✓
Out-of-band (M)
✓✓
Reflected XSS (M)
✓
Stored XSS (M)
✓
The letters in parentheses indicate the severity level per vulnerability; “H” stands for High and “M” for Medium. Every checkmark designates either an exploit or one outdated software version with at least one active CVE ID.
