Skip to main content

Firefox bug lets you hijack nearby mobile browsers via WiFi

posted onSeptember 20, 2020
by l33tdawg
ZDNet
Credit: ZDNet

Mozilla has fixed a bug that can be abused to hijack all the Firefox for Android browsers on the same WiFi network and force users to access malicious sites, such as phishing pages.

The bug was discovered by Chris Moberly, an Australian security researcher working for GitLab.

The actual vulnerability resides in the Firefox SSDP component. SSDP stands for Simple Service Discovery Protocol and is the mechanism through which Firefox finds other devices on the same network in order to share or receive content (i.e., such as sharing video streams with a Roku device). When devices are found, the Firefox SSDP component gets the location of an XML file where that device's configuration is stored.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th