{"id":3931,"date":"2016-11-07T10:18:06","date_gmt":"2016-11-07T15:18:06","guid":{"rendered":"http:\/\/community.mis.temple.edu\/itacs5211fall16\/?p=3931"},"modified":"2016-11-07T10:18:06","modified_gmt":"2016-11-07T15:18:06","slug":"sqli-xss-zero-days-expose-belkin-iot-devices-android-smartphones","status":"publish","type":"post","link":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/2016\/11\/07\/sqli-xss-zero-days-expose-belkin-iot-devices-android-smartphones\/","title":{"rendered":"SQLi, XSS zero-days expose Belkin IoT devices, Android smartphones"},"content":{"rendered":"<p>Security researchers discovered a couple flaws in Belkin home devices\u00a0and discussed it during last Friday&#8217;s Black\u00a0Hat Europe conference. These were SQL injection and XSS vulnerabilities, the same ones we discussed last class. The SQL injection vulnerability ultimately led to root access being compromised for these devices. The XSS vulnerability allowed personal information, such as pictures of GPS locations, to a remote server. These issues are very concerning. As people start to connect their homes with these devices, this can be a serious safety issue. Belkin has since released firmwares to fix these vulnerabilities, but there needs to be more done in order to mitigate this. There is a lot more information in the article, definitely check it out.<\/p>\n<p>Article:\u00a0http:\/\/www.csoonline.com\/article\/3138935\/security\/sqli-xss-zero-days-expose-belkin-iot-devices-android-smartphones.html<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Security researchers discovered a couple flaws in Belkin home devices\u00a0and discussed it during last Friday&#8217;s Black\u00a0Hat Europe conference. These were SQL injection and XSS vulnerabilities, the same ones we discussed last class. The SQL injection vulnerability ultimately led to root access being compromised for these devices. The XSS vulnerability allowed personal information, such as pictures [&hellip;]<\/p>\n","protected":false},"author":14261,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[716936],"tags":[],"class_list":{"0":"post-3931","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-week-11-it-risk","7":"entry"},"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/3931","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/users\/14261"}],"replies":[{"embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/comments?post=3931"}],"version-history":[{"count":1,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/3931\/revisions"}],"predecessor-version":[{"id":3932,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/posts\/3931\/revisions\/3932"}],"wp:attachment":[{"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/media?parent=3931"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/categories?post=3931"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/community.mis.temple.edu\/itacs5211fall16\/wp-json\/wp\/v2\/tags?post=3931"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}