Some Internet gateway devices commonly used by hotels and conference centers can easily be compromised by hackers, allowing them to launch a variety of attacks against guests accessing the Wi-Fi networks.

The affected devices, designed to manage visitor-based networks, are manufactured by a company called ANTlabs and are used by both cheap and luxury hotels around the world, according to researchers from security firm Cylance.

The researchers discovered that multiple ANTLabs InnGate models contained a misconfigured rsync service that listened on TCP port 873 and gave unauthenticated attackers full read and write access to the device file system.

Rsync is a utility used for file and directory synchronization between Linux systems, so it has file upload and download functionality. The tool supports authentication and can be limited to specific directories, but on the affected ANTLabs InnGate devices, it had been configured in an insecure manner by default.

Read the Full Article: Source – PC World
http://www.pcworld.com/article/2903116/popular-hotel-internet-gateway-devices-vulnerable-to-hacking.html

source not found