![]() ![]() ![]() When configured to receive files, an open Wi-Fi HotSpot is created and no password is set. The fourth SHAREit vulnerability, CVE-2016-1492, concerns SHAREit for Android. A hacker could not only view those files but also modify the content. The third vulnerability, named CVE-2016-1489, is the transfer of files in plain text via HTTP without encryption. The password is always the same and any system with a Wi-Fi Network could connect.Īccording to Core Security, if the Wi-Fi network is on and connected, files can be browsed by performing an HTTP Request to the WebServer launched by Lenovo SHAREit, although they cannot be downloaded. Configure Lenovo ShareIt for Windows to receive files, and 12345678 is set as the password for a Wi-Fi hotspot. The hardcoding of the password 12345678, listed as CVE-2016-1491 by Core Security, is shocking. If the Lenoto SHAREit vulnerabilities are exploited, they could result in leaked information, integrity corruption, and security protocol bypasses, and be used for man-in-the-middle attacks. Perhaps unsurprisingly, given Lenovo has been found to be installing irremovable software via Rootkit and shipping its laptops with pre-installed spyware, some security vulnerabilities exist in its SHAREit software.įour new Lenovo SHAREit vulnerabilities have been discovered showing some shocking security lapses by the Chinese laptop manufacturer. Lenovo SHAREit is a free cross-platform file transfer tool that allows the sharing of files across multiple devices, including PCs, tablets and Smartphones. Four Lenovo SHAREit vulnerabilities have now been patche In fact, the company didn’t actually bother with adding a password at all in one of the new SHAREit vulnerabilities. Recently, SplashData published a list of the 25 worst passwords of 2015, and the one chosen by Lenovo is listed in position three between “password” and “qwerty.” To all intents and purposes, Lenovo may well not have bothered adding a password at all, such is the degree of security that the password offers. Recent Lenovo SHAREit vulnerabilities have been discovered, one of which involves the use of a hard-coded password that ranks as one of the easiest to guess. ![]() However, even a tech giant the size of Lenovo can fail to implement secure passwords. Ask anyone to name a basic security protection to prevent hackers from gaining access to a device or network, and the use of a secure password would feature pretty high up that list. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |