IoT Security Fiasco: The Return of Hard-Coded Username ‘123’
In a twist of cybersecurity comedy, a hard-coded username and password vulnerability from 2017 decided to make a grand reappearance, with “123” as the password. It seems hackers are still trying to crack open the IoT kingdom with a predictable combo reminiscent of a luggage lock. CVE-2017-17761, anyone?
Hot Take:
Well, it looks like someone finally found the vintage wine in the cellar of cybersecurity vulnerabilities! It’s 2023, and we’re dusting off a 2017 classic: a hard-coded password vulnerability that’s been aging like milk. Who knew a username and password combo as simple as “123” could be the key to a hacker’s heart? Maybe the Internet of Things should change its name to the Internet of Terrible Security. Cheers to Ichano for this belated blast from the past!
Key Points:
- A 2017 vulnerability involving a hard-coded username and password (“123”) has resurfaced.
- The vulnerability was identified in Ichano products and is logged as CVE-2017-17761.
- The vulnerability involves default IoT usernames like “root”, “admin”, and “gast”.
- IPs from various countries, including the US, Japan, and Australia, are scanning for these credentials.
- It’s unclear if Ichano ever resolved this issue, so it’s like leaving your front door open for six years.