Re: Not at risk if you changed default password on router -

Author	All Replies
evilghost Premium join:2003-11-22 Springville, AL 1 edit	reply to fAcEtIOUs Re: Not at risk if you changed default password on router said by fAcEtIOUs: There is some risk for all those people who neglected to change their password from the default when installing their router at home. But for anyone who had the brains to change their passwords, this is a a non-event. Routers vulnerable to CSRF are still exploitable IF the user has a trusted session with the configuration page and accesses a hostile site. How many routers are using session versus cookies for verifying successful authentication?
	to forum · permalink · 2008-04-08 10:49:28 ·

MySpareBrain join:2000-06-12 Pearland, TX	said by evilghost Routers vulnerable to CSRF are still exploitable IF the user has a trusted session with the configuration page and accesses a hostile site. How many routers are using session versus cookies for verifying successful authentication? [/BQUOTE : Don't most routers automatically time out the session after a period of time? If I'm in my router, and I stay on the same page for a couple minutes, when I change pages I have to login again.
	to forum · permalink · 2008-04-08 12:50:10 ·

Browser Hack Allows Router Control > Not at risk if you changed default password on router