This “security” is so outrageous we had to look for hidden cameras to make sure we’re not being pranked. We don’t want to ruin the face-palming realization for you, so before clicking past the break look closely at the image above and see if you can spot the exploit. It’s plain as day but might take a second to dawn on you.
The exploit was published on [Mark C.’s] Twitter feed after waiting a couple of weeks to hear back from TP-LINK about the discovery. They didn’t respond so he went public with the info.
Shown in this image is the WR702N, a nice little router that’s popular in a lot of hacks due to relatively low power, low cost, and small size. During the design phase someone had the forethought to make a WiFi AP password that isn’t merely a default. But that’s where this went off the rails. They did the next worst thing, which is to assign a password that gets broadcast publicly: the last eight characters of the MAC address. This will be unique for each device, but it is also promiscuously broadcast to any device that cares to listen. The obvious next step is to script a scanning routine which [Mark] took care of with a one-liner:
We know what you’re thinking. Users should always change default passwords anyway. But our devices need to be secure by default.