{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,30]],"date-time":"2026-01-30T13:23:06Z","timestamp":1769779386020,"version":"3.49.0"},"reference-count":31,"publisher":"Wiley","license":[{"start":{"date-parts":[[2022,2,12]],"date-time":"2022-02-12T00:00:00Z","timestamp":1644624000000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Security and Communication Networks"],"published-print":{"date-parts":[[2022,2,12]]},"abstract":"<jats:p>This work provides an answer to the following key question: Are the Web-based management interfaces of the contemporary off-the-shelf wireless access points (WAP) free of flaws and vulnerabilities? The short answer is not very much. That is, after performing a vulnerability assessment on the Web interfaces of six different WAPs by an equal number of diverse renowned vendors, we reveal a significant number of assorted medium-to-high severity vulnerabilities that are straightforwardly or indirectly exploitable. Overall, 13 categories of vulnerabilities translated to 28 zero-day attacks are exposed. Our findings range from legacy path traversal, cross-site scripting, and clickjacking attacks to HTTP request smuggling and splitting, replay, denial of service, and information leakage among others. In the worst-case scenario, the attacker can acquire the administrator\u2019s (admin) credentials and the WAP\u2019s Wi-Fi passphrases or permanently lock the admin out of accessing the WAP\u2019s Web interface. On top of everything else, we identify the already applied hardening measures by these devices and elaborate on extra countermeasures that are required to tackle the identified weaknesses. To our knowledge, this work contributes the first wholemeal appraisal of the security level of this kind of Web-based interfaces that go hand in glove with the myriads of WAPs out there, and it is therefore anticipated to serve as a basis for further research in this timely and challenging field.<\/jats:p>","DOI":"10.1155\/2022\/1833062","type":"journal-article","created":{"date-parts":[[2022,2,12]],"date-time":"2022-02-12T20:50:20Z","timestamp":1644699020000},"page":"1-24","source":"Crossref","is-referenced-by-count":7,"title":["Your WAP Is at Risk: A Vulnerability Analysis on Wireless Access Point Web-Based Management Interfaces"],"prefix":"10.1155","volume":"2022","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6507-5052","authenticated-orcid":true,"given":"Efstratios","family":"Chatzoglou","sequence":"first","affiliation":[{"name":"Department of Information & Communication Systems Engineering, University of the Aegean, Mytilene, Greece"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6348-5031","authenticated-orcid":true,"given":"Georgios","family":"Kambourakis","sequence":"additional","affiliation":[{"name":"European Union, Joint Research Centre, Ispra 21027, Italy"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3020-291X","authenticated-orcid":true,"given":"Constantinos","family":"Kolias","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Idaho, Idaho Falls 83402, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"311","reference":[{"key":"1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2017.8170867"},{"key":"2","article-title":"Multiple attempts to exploit Realtek vulnerabilities discovered by our researchers. visited on 2021-09-10","author":"O. Mallis","year":"2021"},{"key":"3","article-title":"Threat modeling. Visited on 2021-11-29","author":"Owasp","year":"2021"},{"key":"4","article-title":"Threat modeling process. Visited on 2021-11-29","author":"Owasp","year":"2021"},{"key":"5","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101589"},{"key":"6","doi-asserted-by":"publisher","DOI":"10.3390\/electronics9050824"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2781126"},{"key":"8","article-title":"Detecting and exploiting path-relative stylesheet import (PRSSI) vulnerabilities. visited on 2021-02-09","author":"K. James","year":"2021"},{"key":"9","article-title":"Web cache deception attack. visited on 2021-02-09","author":"O. Gil","year":"2021"},{"key":"10","first-page":"665","article-title":"Cached and confused: web cache deception in the wild","author":"S. Ali Mirheidari"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/MC.2017.201"},{"key":"12","article-title":"Testing for clickjacking. Securing IoT devices: how safe is your wi-fi router? Visited on 2021-09-09","author":"Owasp","year":"2021"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-86586-3_6"},{"key":"14","article-title":"Cross site scripting prevention stylesheet. visited on 2021-12-09","author":"Owasp","year":"2021"},{"key":"15","article-title":"Path,Traversal mitigations. visited on 2021-12-09","author":"Owasp","year":"2021"},{"key":"16","article-title":"Clickjacking defence stylesheet. visited on 2021-12-09","author":"Owasp","year":"2021"},{"key":"17","article-title":"Denial-of-service stylesheet. visited on 2021-12-09","author":"Owasp","year":"2021"},{"key":"18","article-title":"A3:2017-Sensitive data exposure. Visited on 2021-12-09","author":"Owasp","year":"2021"},{"key":"19","doi-asserted-by":"publisher","DOI":"10.3390\/s18030817"},{"key":"20","doi-asserted-by":"publisher","DOI":"10.1109\/MCE.2019.2953740"},{"key":"21","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2019.2910750"},{"key":"22","article-title":"Multiple security vulnerabilities leading to RCE. Visited on 2021-04-09","author":"T.. D-Link","year":"2021"},{"key":"23","article-title":"Router vulnerable to fake updates and XSS (CVE-2020-15498 & CVE-2020- 15499). Visited on 2021-04-09","author":"A. S. U. S. Trustwave","year":"2021"},{"key":"24","article-title":"Bypassing authentication on arcadyan routers with CVE-2021\u201320090 and rooting some Buffalo. Visited on 2021-29-08","author":"E. Grant","year":"2021"},{"key":"25","article-title":"Cybersecurity-help. VU10103 HTTP response splitting attack. visited on 2021-04-09","year":"2021"},{"key":"26","article-title":"Over 25,000 Linksys Smart Wi-Fi routers vulnerable to sensitive information disclo- sure flaw. visited on 2021-29-08","author":"T. Mursch","year":"2021"},{"key":"27","article-title":"Advisory: multiple issues in Realtek SDK affects hundreds of thousands of devices down the supply chain. Visited on 2021-04-09","author":"IoT. Inspector","year":"2021"},{"key":"28","article-title":"CVE-2021-27342 timing side-channel attack vulnerability writeup. Visited on 2021-08-10","author":"G. L.. D.-L. Router","year":"2021"},{"key":"29","article-title":"Choice best-selling TP-Link router ships with vulnerable firmware. visited on 2021-04-09","author":"C.. Amazon\u2019s","year":"2021"},{"key":"30","article-title":"DVA-5592 missing authentication check, and self XSS. visited on 2021-04-09","author":"R. D-Link","year":"2021"},{"key":"31","article-title":"The American consumer Institute. Securing IoT devices: how safe is your wi-fi router? Visited on 2021-04-09","year":"2021"}],"container-title":["Security and Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2022\/1833062.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2022\/1833062.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/scn\/2022\/1833062.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,2,12]],"date-time":"2022-02-12T20:50:22Z","timestamp":1644699022000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.hindawi.com\/journals\/scn\/2022\/1833062\/"}},"subtitle":[],"editor":[{"given":"Konstantinos","family":"Rantos","sequence":"additional","affiliation":[],"role":[{"role":"editor","vocabulary":"crossref"}]}],"short-title":[],"issued":{"date-parts":[[2022,2,12]]},"references-count":31,"alternative-id":["1833062","1833062"],"URL":"https:\/\/doi.org\/10.1155\/2022\/1833062","relation":{},"ISSN":["1939-0122","1939-0114"],"issn-type":[{"value":"1939-0122","type":"electronic"},{"value":"1939-0114","type":"print"}],"subject":[],"published":{"date-parts":[[2022,2,12]]}}}