Last year we blogged about multiple security issues affecting Sitecom device models WLM-3500 and WLM-5500. One of the issues we identified allowed attackers to obtain the default wireless passphrase in a single shot, as the wireless key was derived from the device MAC address using an algorithm included inside the device firmware. This is a very serious issue, as many users almost never change the default Wi-Fi passphrase.
We recently had the opportunity to analyze some other Sitecom routers, more precisely models WLR-4000 and WLR-4004. To make a long story short, we soon realized they were affected by the very same issue: attackers can generate the default wireless key starting from publicly-available information (i.e., the MAC address).
more here.....http://webcache.googleusercontent.com/search?q=cache:JHSq2NWrGJUJ:blog.emaze.net/+&cd=1&hl=en&ct=clnk
We recently had the opportunity to analyze some other Sitecom routers, more precisely models WLR-4000 and WLR-4004. To make a long story short, we soon realized they were affected by the very same issue: attackers can generate the default wireless key starting from publicly-available information (i.e., the MAC address).
more here.....http://webcache.googleusercontent.com/search?q=cache:JHSq2NWrGJUJ:blog.emaze.net/+&cd=1&hl=en&ct=clnk