SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank Panasonic 3G handsets, SoftBank NEC 3G handsets, SoftBank Samsung 3G handsets, SoftBank mobile Wi-Fi routers, SoftBank Android smartphones with the Wi-Fi application before 1.7.1, SoftBank Windows Mobile smartphones with the WISPrClient application before 1.3.1, SoftBank Disney Mobile Android smartphones with the Wi-Fi application before 1.7.1, and WILLCOM Android smartphones with the Wi-Fi application before 1.7.1, does not properly connect to access points, which allows remote attackers to obtain sensitive information by leveraging access to an 802.11 network.
Weakness
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Wi-fi_spot_configuration_software | Softbank | - (including) | - (including) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/114.html
- https://cwe.mitre.org/data/definitions/115.html
- https://cwe.mitre.org/data/definitions/151.html
- https://cwe.mitre.org/data/definitions/194.html
- https://cwe.mitre.org/data/definitions/22.html
- https://cwe.mitre.org/data/definitions/57.html
- https://cwe.mitre.org/data/definitions/593.html
- https://cwe.mitre.org/data/definitions/633.html
- https://cwe.mitre.org/data/definitions/650.html
- https://cwe.mitre.org/data/definitions/94.html
References
- http://jvn.jp/en/jp/JVN85371480/397327/index.html
- http://jvn.jp/en/jp/JVN85371480/995319/index.html
- http://jvn.jp/en/jp/JVN85371480/995417/index.html
- http://jvn.jp/en/jp/JVN85371480/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000039
- http://jvn.jp/en/jp/JVN85371480/397327/index.html
- http://jvn.jp/en/jp/JVN85371480/995319/index.html
- http://jvn.jp/en/jp/JVN85371480/995417/index.html
- http://jvn.jp/en/jp/JVN85371480/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2013-000039