. home.aspx



IoT device manufacturers missed more than 100 vulnerabilities, argues new security research

September 23, 2019 / IoT News

The Internet of Things (IoT) security problem is not going anywhere fast; according to new research from Independent Security Evaluators (ISE), 125 vulnerabilities were found across 13 IoT devices analysed. The Maryland-based security firm found at least one web application vulnerability, such as cross-site scripting (XSS), operating system command injection (OS CMDi), or SQL injection (SQLi) in all of the 13 assessed devices. According to ISE, these vulnerabilities could be used by cyber-attackers to get remote access to the device’s shell or to the administrative panel. ISE conducted its research by acquiring root shells on 12 of the devices, which allowed complete control over them.