{"id":8789,"date":"2015-12-21T13:10:32","date_gmt":"2015-12-21T17:10:32","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8789"},"modified":"2015-12-21T13:10:32","modified_gmt":"2015-12-21T17:10:32","slug":"critical-wps-vulnerability-discovered-in-bell-canada-home-hub-routers","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/12\/21\/critical-wps-vulnerability-discovered-in-bell-canada-home-hub-routers\/","title":{"rendered":"Critical WPS vulnerability discovered in Bell Canada Home Hub routers"},"content":{"rendered":"<p><span class=\"author vcard\">By <a class=\"fn profile-link\" href=\"http:\/\/www.neowin.net\/profile\/441727-boyd_chan\" target=\"_blank\" rel=\"author\">Boyd Chan<\/a><\/span> | <a href=\"http:\/\/www.neowin.net\/news\/critical-wps-vulnerability-discovered-in-bell-canada-home-hub-routers\" target=\"_blank\">Neowin<\/a><\/p>\n<p>In recent years, Wi-Fi has gained attention mainly due to the increased speeds afforded by the 802.11n and 802.11ac specifications. This has seen a flurry of new hardware hit the market enticing owners of older 802.11a\/b\/g hardware to upgrade to the latest and greatest kit.<\/p>\n<p>However, Wi-Fi has seen numerous security setbacks throughout its lifetime. WEP encryption, deployed as part of the earlier Wi-Fi standards, was later found to be less secure than thought. This prompted the development of WPA with TKIP encryption as an interim measure until a more robust solution could be ratified. Ultimately, WEP ended up being easily cracked in under sixty seconds with the right tools. TKIP was deprecated from the 2012 revision of the 802.11 standard as it was no longer considered to be secure.<\/p>\n<p>As such, the standing recommendation for any new Wi-Fi network has been to use WPA2+AES to ensure maximum security against attacks of any nature.<\/p>\n<p>Unfortunately, it seems as though owners of the Bell Canada Home Hub 1000 and 2000 series routers may be in for a rude surprise. <a href=\"http:\/\/www.dslreports.com\/forum\/r30443059-Bell-Home-Hub-2000-Backdoor-Security-vulnerability\" target=\"_blank\">According to an anonymous user on DSL Reports<\/a> and <a href=\"https:\/\/www.reddit.com\/r\/ottawa\/comments\/3wsxkf\/bell_canada_router_security_vulnerability\/\" target=\"_blank\">SergeantAlPowell on Reddit<\/a>, a vulnerability in WPS (Wi-Fi Protected Setup) has been discovered that can compromise networks that have been secured with WPA2+AES.<\/p>\n<p>Despite WPS being disabled, it seems that these Home Hub routers continued to respond to WPS requests. Furthermore, a default PIN of &#8220;12345670&#8221; coaxed these routers into supplying the passphrase that could be used to connect to the corresponding Wi-Fi network.<\/p>\n<p><a href=\"http:\/\/www.reddit.com\/r\/ottawa\/comments\/3wsxkf\/bell_canada_router_security_vulnerability\/cy2sko5\" target=\"_blank\">It seems that Bell has released a patch for the vulnerability<\/a> in the form of a silent update for these affected devices. However, Bell Canada has not officially acknowledged the existence of the security issue or its rectification in the firmware version history.<\/p>\n<p>Source: <a href=\"https:\/\/www.reddit.com\/r\/ottawa\/comments\/3wsxkf\/bell_canada_router_security_vulnerability\/\" target=\"_blank\">Reddit<\/a> | <a href=\"http:\/\/www.dslreports.com\/forum\/r30443059-Bell-Home-Hub-2000-Backdoor-Security-vulnerability\" target=\"_blank\">DSL Reports<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Boyd Chan | Neowin In recent years, Wi-Fi has gained attention mainly due to the increased speeds afforded by [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[7,10],"tags":[123,341,794,826,917,1204,1247,1249],"class_list":["post-8789","post","type-post","status-publish","format-standard","hentry","category-security","category-technology","tag-bell-canada","tag-exploit","tag-passphrase","tag-pin","tag-routers","tag-wi-fi","tag-wpa2aes","tag-wps"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-2hL","jetpack-related-posts":[{"id":9452,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/11\/19\/internal-bug-discovery-security-now-693\/","url_meta":{"origin":8789,"position":0},"title":"Internal Bug Discovery &#8211; Security Now 693","author":"NCCT","date":"November 19, 2018","format":false,"excerpt":"https:\/\/youtu.be\/ClVI9PMQGCY Australia vs Encryption, Google+ Bugs Hasten its Demise -- Australia's recently passed anti-encryption legislation -- Details of a couple more mega-breaches including a bit of Marriott follow-up -- A welcome call for legislation from Microsoft -- A new twist on online advertising click fraud -- The DHS is interested\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/ClVI9PMQGCY\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9930,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/05\/16\/fbi-says-toss-your-old-router\/","url_meta":{"origin":8789,"position":1},"title":"FBI Says Toss Your Old Router","author":"NCCT","date":"May 16, 2025","format":false,"excerpt":"https:\/\/youtu.be\/scR199zRjvA On Security Now, Steve talks about the FBI's suggestion that we should be tossing out our old routers.","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/scR199zRjvA\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9904,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/how-can-this-launch-get-any-worse\/","url_meta":{"origin":8789,"position":2},"title":"How can this launch get any worse?","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/cDuEq1URx5c The Zotac 5090 Solid OC is one of the most common 5080 and 5090 cards in the wild right now... but it has some of the worst software I've seen in a long time!","rel":"","context":"In &quot;Hardware&quot;","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/cDuEq1URx5c\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9655,"url":"https:\/\/nccomputertech.com\/techtalk\/2021\/03\/09\/fuquay-varina-and-holly-springs-computer-repair\/","url_meta":{"origin":8789,"position":3},"title":"Fuquay Varina and Holly Springs Computer Repair","author":"NCCT","date":"March 9, 2021","format":false,"excerpt":"Welcome to our blog. NC Computer Tech services Fuquay Varina, Holly Springs, and surrounding NC areas. We offer prompt, professional, courteous service with over twenty years of experience dealing with residential and small business clients offering them solutions and fixing their computer and network issues at reasonable rates. Our services\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9890,"url":"https:\/\/nccomputertech.com\/techtalk\/2024\/12\/08\/49-years-of-video-game-consoles-in-10-minutes\/","url_meta":{"origin":8789,"position":4},"title":"49 Years Of Video Game Consoles in 10 Minutes","author":"NCCT","date":"December 8, 2024","format":false,"excerpt":"https:\/\/youtu.be\/27_xEN5srVI Believe it or not, the home video game console has been around for nearly 49 years. Yes, that\u2019s almost half a century. Since 1972, we\u2019ve seen over 30 consoles created and sold in North America, which is a ridiculous amount of consoles. That\u2019s an average of more than one\u2026","rel":"","context":"In &quot;Hardware&quot;","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/27_xEN5srVI\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9906,"url":"https:\/\/nccomputertech.com\/techtalk\/2025\/02\/11\/hw-news-rtx-50-continues-to-not-exist-strange-intel-cpu-amd-vulnerability-nvidia-stock-drop\/","url_meta":{"origin":8789,"position":5},"title":"HW News &#8211; RTX 50 Continues to Not Exist, Strange Intel CPU, AMD Vulnerability, NVIDIA Stock Drop","author":"NCCT","date":"February 11, 2025","format":false,"excerpt":"https:\/\/youtu.be\/LEjhJubhF9k In hardware news this week, Intel launches a strangely shaped CPU IHS, AMD has a vulnerability exposed by ASUS by accident, NVIDIA's stock drop plummets, the 50 series continues to be a retail myth, and the Steam Brick mod gives us something positive and fun for the week. News\u2026","rel":"","context":"In &quot;Hardware&quot;","block_context":{"text":"Hardware","link":"https:\/\/nccomputertech.com\/techtalk\/category\/hardware\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/LEjhJubhF9k\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8789","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=8789"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8789\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=8789"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=8789"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=8789"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}