Mobility

XCS Based Hidden Firmware Modification on Embedded Devices

Free registration required

Executive Summary

Most contemporary embedded devices, such as wireless routers, digital cameras, and digital photo frames, have Web based management interfaces that allow an administrator to perform management tasks on the device from a Web browser connecting to the device's Web server. It has been shown earlier that many of these devices are vulnerable to Cross Site Scripting type attacks whereby some malicious JavaScript code can be injected in the Web pages stored on the device. When such infected pages are opened by the administrator, the malicious script is executed with admin privileges, and it can potentially fully compromise the embedded device.

  • Format: PDF
  • Size: 276.07 KB