This Dangeous Firefox Glitch Can Let Hackers into Your Entire Network

by
martyb
from SoylentNews on (#58H41)

Fnord666 writes:

This dangeous Firefox glitch can let hackers into your entire network:

Cyberattacks rarely stay in one place. A bad enough exploit can cause a chain reaction that harms one computer after another like falling dominoes. And that's exactly what's at stake with a new glitch discovered in Mozilla Firefox that can put your entire network at risk.

Exploitation of LAN vulnerability found in Firefox for Android

I tested this PoC exploit on 3 devices on same wifi, it worked pretty well.
I was able to open custom URL on every smartphone using vulnerable Firefox (68.11.0 and below) found by @init_stringhttps://t.co/c7EbEaZ6Yxpic.twitter.com/lbQA4qPehq

- Lukas Stefanko (@LukasStefanko) September 18, 2020

The bug was discovered by Australian security researcher Chris Moberly, who found the issue within Firefox's SSDP system. SSDP is used by Firefox to detect other devices on the same network like streaming boxes and external speakers.

But Moberly found something dangerously wrong with SSDP: The system document that stores records of connected devices can be hijacked to execute a command. In a nutshell, this means a hacker could send out malicious files and hijack any device on the same Wi-Fi network. It would be just as easy (and urgent) as opening a link in your browser.

The consequences of this bug are huge, and is another reason why it's never a good idea to use public Wi-Fi.

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments