https://www.cvedetails.com/cve/CVE-2021-38513/
For our second example we look at Circutor, a company that provides several products related to power management and home automation. In one of their products, an authentication bypass was found in the firmware, caused by mishandling of cookies. It is important not only to implement authentication controls but also to use them effectively. https://www.cvedetails.com/cve/CVE-2021-33842/
There are several things that can be done to prevent such flaws.
By using a strict password policy one can drastically decrease the success rate of a brute-force attack and, furthermore, eliminate guessable credentials. A good starting point would be to only allow passwords of 12+ characters that contain numbers, symbols, and upper- and lowercase characters.
All traffic should be encrypted, so an attacker can sniff neither passwords nor session keys on the wire and has no chance with a man-in-the-middle attack. Furthermore, the encryption should always be as strong as possible, since weak encryption is fairly easy to break.
Upon a failed login, no information must be revealed. For example, stating that the password for the username is wrong gives the attacker proof that the user exists. A generic message should be used instead, something like “Failed Login!”.
Another preventive measure is forcing the user to use two-factor authentication. This way, even if a password gets breached, it is of no use to the attacker as long as he can't obtain the second factor.
We can also take some steps to increase the security of our API. For one, the access token used by the API must never be guessable or brute-forceable. Additionally, a WAF should be set up to filter the incoming traffic and prevent the forging of session keys. On top of that, cross-site scripting needs to be prevented, as it can be used to steal session keys.
There are also options to implement breached-password protection, so that passwords that have already appeared in a breach cannot be chosen to secure an account. This greatly strengthens the defence against this issue type from the OWASP Top 10.
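The password policy, the generic failure message and the breached-password check described above, put together in one added example (not code from the original article or from any product mentioned). The breached-password set and user store are constructed stand-ins, and the PBKDF2 iteration count is an assumption chosen for the example.

```python
import hashlib
import hmac
import os
import re
import secrets

# Constructed denylist standing in for a real breached-password feed (assumption).
BREACHED_PASSWORDS = {"Password123!", "Welcome2024!!", "Qwerty12345!"}

def password_meets_policy(password: str) -> bool:
    """12+ characters with at least one digit, symbol, upper- and lowercase
    letter, and not present in the breached-password denylist."""
    if len(password) < 12:
        return False
    required = [r"[0-9]", r"[^A-Za-z0-9]", r"[A-Z]", r"[a-z]"]
    if not all(re.search(pattern, password) for pattern in required):
        return False
    return password not in BREACHED_PASSWORDS

def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Salted PBKDF2-HMAC-SHA256; iteration count is an assumption for the example."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return salt, digest

# Constructed in-memory user store: username -> (salt, hash).
USERS = {}
# Dummy credential hashed for unknown users so the work done is identical.
_DUMMY_SALT, _DUMMY_HASH = hash_password(secrets.token_urlsafe(16))

GENERIC_FAILURE = "Failed Login!"

def register(username: str, password: str) -> None:
    if not password_meets_policy(password):
        raise ValueError("password does not meet policy")
    USERS[username] = hash_password(password)

def login(username: str, password: str) -> tuple:
    """Returns (success, message). The message is identical for an unknown
    user and a wrong password, so nothing leaks about which accounts exist."""
    salt, expected = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    _, actual = hash_password(password, salt)
    # Constant-time comparison; the membership check comes after the hashing
    # so an unknown username costs the same time as a known one.
    if username in USERS and hmac.compare_digest(actual, expected):
        return True, "OK"
    return False, GENERIC_FAILURE
```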