A particular TP-Link router model will spew out its admin password in cleatext to anyone that sends an SMS message to the router 's SIM card with a particular script inside , according to German security researcher Jan Hörsch , who shared Vulnerability-related.DiscoverVulnerability his findings with German newspaper Heise.de . The vulnerability affects Vulnerability-related.DiscoverVulnerability TP-Link model M5350 , a 3G mobile Wi-Fi router , often distributed by mobile telco providers to their customers , along with a SIM card they insert in the router . This SIM card allows the router to connect to the mobile operator 's network , and just like any SIM card , has its own telephone number . In an online conversation with Bleeping Computer , Hörsch , who 's a researcher for German cyber-security firm Securai , says that after he analyzed the router 's firmware , he discovered Vulnerability-related.DiscoverVulnerability a vulnerability in the feature that handles incoming SMS messages . By sending the following SMS , the router would answer back with the admin account password , the Wi-Fi network SSID , and the Wi-Fi network 's password . The issue is n't as dangerous as it sounds , mainly because the attacker needs to know the router SIM card 's phone number in order to exploit it , Hörsch told Bleeping Computer . This issue is one of many the researcher discovered Vulnerability-related.DiscoverVulnerability in recent months in various devices . His findings were summarized and presented in a talk at the recently concluded Kaspersky Security Analyst Summit ( SAS ) , held last week . In the same talk , Hörsch also presented Vulnerability-related.DiscoverVulnerability several other vulnerabilities that allowed him to obtain root access to Hootoo Travelmate and Trendnet TEW714TRU routers and Vstarcam webcams . Other vulnerabilities the researcher discovered Vulnerability-related.DiscoverVulnerability and presented Vulnerability-related.DiscoverVulnerability at SAS include the presence of a hardcoded Telnet password in Startech modems , and a very simple to exploit authentication bypass for Panasonic BM ET200 retina scanners , which allowed anyone access to the admin panel just by deleting a few parameters in an URL . His presentation Vulnerability-related.DiscoverVulnerability also detailed Vulnerability-related.DiscoverVulnerability several flaws in Western Digital MyCloud NAS hard drives , some of which were made public at the start of March by another researcher who disclosed Vulnerability-related.DiscoverVulnerability the bugs .

With everything that ’ s gone down in 2016 it ’ s easy to forget Tim Cook ’ s and Apple ’ s battle with the FBI over data encryption laws . Apple took a strong stance though , and other tech giants followed suite leading to a victory of sorts for ( the little guy in ) online privacy . In this era of web exposure , it was a step in the right direction for those who feel our online identities are increasingly vulnerable on the web . All of this stands for little though when a security flaw in your operating system allows carefully encrypted messages to be effectively decrypted offline . That ’ s what happened to Apple with its iOS 9.2 operating system . Though the patches that ensued largely fixed Vulnerability-related.PatchVulnerability the problem , the whole issue has understandably left iOS users with questions . What really happened and are we at immediate risk ? A paper released in March by researchers at John Hopkins University exposed Vulnerability-related.DiscoverVulnerability weaknesses in Apple ’ s iMessage encryption protocol . It was found Vulnerability-related.DiscoverVulnerability that a determined hacker could intercept the encrypted messages between two iPhones and reveal the 64-digit key used to decrypt the messages . As iMessage doesn ’ t use a Message Authentication Code ( MAC ) or authenticated encryption scheme , it ’ s possible for the raw encryption stream , or “ ciphertext ” to be tampered with . iMessage instead , uses an ECDSA signature which simulates the functionality . It ’ s still no easy feat exploiting the security flaw detailed Vulnerability-related.DiscoverVulnerability by the researchers . The attacker would ultimately have to predict or know parts of the message they are decrypting in order to substitute these parts in the ciphertext . Knowing whether the substitution has been successful though , is a whole other process which may only be possible with attachment messages . The full details of the security flaw , and the complex way it can be exploited Vulnerability-related.DiscoverVulnerability are detailed Vulnerability-related.DiscoverVulnerability in the John Hopkins paper . The paper includes the recommendation that , in the long run , “ Apple should replace the entirety of iMessage with a messaging system that has been properly designed and formally verified ” . One thing that should be made clear is that these weaknesses were exposed Vulnerability-related.DiscoverVulnerability as a result of months of investigation by an expert team of cryptologists . The type of hacker that would take advantage of these weaknesses would undeniably be a sophisticated attacker . That of course doesn ’ t mean that Apple shouldn ’ t take great measures to eradicate this vulnerability in their system . Your messages , though , are not immediately at risk of being decrypted , and much less if you ’ ve installed the patches that came with iOS 9.3 and OS X 10.11.4 ( though they don ’ t completely fix Vulnerability-related.PatchVulnerability the problem ) . Tellingly , the flaws can ’ t be used to exploit numerous devices at the same time . As already mentioned , the process that was exposed by the John Hopskins paper is incredibly complex and relies on various steps that are by no means easy to complete successfully .

With everything that ’ s gone down in 2016 it ’ s easy to forget Tim Cook ’ s and Apple ’ s battle with the FBI over data encryption laws . Apple took a strong stance though , and other tech giants followed suite leading to a victory of sorts for ( the little guy in ) online privacy . In this era of web exposure , it was a step in the right direction for those who feel our online identities are increasingly vulnerable on the web . All of this stands for little though when a security flaw in your operating system allows carefully encrypted messages to be effectively decrypted offline . That ’ s what happened to Apple with its iOS 9.2 operating system . Though the patches that ensued largely fixed Vulnerability-related.PatchVulnerability the problem , the whole issue has understandably left iOS users with questions . What really happened and are we at immediate risk ? A paper released in March by researchers at John Hopkins University exposed Vulnerability-related.DiscoverVulnerability weaknesses in Apple ’ s iMessage encryption protocol . It was found Vulnerability-related.DiscoverVulnerability that a determined hacker could intercept the encrypted messages between two iPhones and reveal the 64-digit key used to decrypt the messages . As iMessage doesn ’ t use a Message Authentication Code ( MAC ) or authenticated encryption scheme , it ’ s possible for the raw encryption stream , or “ ciphertext ” to be tampered with . iMessage instead , uses an ECDSA signature which simulates the functionality . It ’ s still no easy feat exploiting the security flaw detailed Vulnerability-related.DiscoverVulnerability by the researchers . The attacker would ultimately have to predict or know parts of the message they are decrypting in order to substitute these parts in the ciphertext . Knowing whether the substitution has been successful though , is a whole other process which may only be possible with attachment messages . The full details of the security flaw , and the complex way it can be exploited Vulnerability-related.DiscoverVulnerability are detailed Vulnerability-related.DiscoverVulnerability in the John Hopkins paper . The paper includes the recommendation that , in the long run , “ Apple should replace the entirety of iMessage with a messaging system that has been properly designed and formally verified ” . One thing that should be made clear is that these weaknesses were exposed Vulnerability-related.DiscoverVulnerability as a result of months of investigation by an expert team of cryptologists . The type of hacker that would take advantage of these weaknesses would undeniably be a sophisticated attacker . That of course doesn ’ t mean that Apple shouldn ’ t take great measures to eradicate this vulnerability in their system . Your messages , though , are not immediately at risk of being decrypted , and much less if you ’ ve installed the patches that came with iOS 9.3 and OS X 10.11.4 ( though they don ’ t completely fix Vulnerability-related.PatchVulnerability the problem ) . Tellingly , the flaws can ’ t be used to exploit numerous devices at the same time . As already mentioned , the process that was exposed by the John Hopskins paper is incredibly complex and relies on various steps that are by no means easy to complete successfully .

The problems arise from Vulnerability-related.DiscoverVulnerability the way Java and Python ( through the urllib2 library in Python 2 and urllib library in Python 3 ) handle FTP links , which allow the attacker to inject newline ( CRLF ) characters inside the URL , making the Java and Python code think some parts of the URL are new commands . This leads to a flaw that security researchers call Vulnerability-related.DiscoverVulnerability `` protocol injection . '' The FTP protocol injection issue was first detailed Vulnerability-related.DiscoverVulnerability by Russian security lab ONsec in 2014 , but never got the public attention it needed . Two recent reports Vulnerability-related.DiscoverVulnerability have raised Vulnerability-related.DiscoverVulnerability the profile of this flaw , describing two new exploitation scenarios . Security researcher Alexander Klink detailed Vulnerability-related.DiscoverVulnerability on his blog how the FTP protocol injection flaw could be used to send emails using Java 's FTP URL handler . Two days later , Timothy Morgan of Blindspot Security came forward and presented Vulnerability-related.DiscoverVulnerability a more ominious exploitation scenario where the FTP URL handlers in Java and Python could be used to bypass firewalls . Morgan also revealed Vulnerability-related.DiscoverVulnerability that his company informed Vulnerability-related.DiscoverVulnerability both the Python team ( in January 2016 ) and Oracle ( in November 2016 ) about the FTP protocol injection flaw , but neither have issued updates to address Vulnerability-related.PatchVulnerability the reported problem . At the heart of the FTP protocol injection attack resides an older issue in the FTP protocol itself , which is classic mode FTP . The classic mode FTP is an older mechanism that governs how FTP clients and servers interact , which was proved to be insecure in issue # 60 of the Phrack hacking magazine and later detailed in more depth by Florian Weimer . Classic mode FTP has been replaced by a more secure method of client-server FTP interactions known as passive mode FTP . Nevertheless , most firewall products support classic mode FTP connections .