Submit #488582: Bharti Airtel Airtel Xstream Fiber WiFi N/A Brute force attack

Title: Bharti Airtel Airtel Xstream Fiber WiFi N/A Brute force attack

Description: It was observed that Airtel Xstream Fiber WiFi used to set the initial WiFi password for users, who were notified through an SMS on their registered phone number. These passwords are predictable, and users don't get any notification to update them. The WiFi password has the pattern "air<5 random digits>", and potentially vulnerable routers have SSIDs with the pattern "Airtel_<first 4 characters of subscriber's name>_<last 4 digits of subscriber's registered phone number>" or "Airtel_<10 digit subscriber's registered phone number>". Using this format, an attacker can identify a potentially vulnerable SSID and then crack the password offline after capturing the WiFi handshake. A successful attack can result in a compromised WiFi network, leading to other attacks such as MiTM.

If an attacker identifies a potentially vulnerable SSID (using the pattern mentioned in the description), the attacker only needs to capture the WiFi handshake of the identified WiFi APN. Because the pattern of the initial password is also known (as mentioned in the description), the attacker can brute force the password offline, leading to a compromised WiFi network. All users using the WiFi connection with its initial configuration (most people rarely change the configuration of their personal WiFi) can be a target of this attack. The attacker doesn't need to know the subscriber's name or phone number. WiFi SSIDs can be identified by the patterns below:

1. Airtel_<4 alphabets>_<4 digits>
2. Airtel_<10 digits>
Source: https://packetstorm.news/files/id/188799/
User: alokkumar0200 (UID 9619)
Submission: 01/24/2025 11:28 AM (4 months ago)
Moderation: 02/06/2025 03:18 PM (13 days later)
Status: Accepted
VulDB Entry: 294857 [Bharti Airtel Xstream Fiber up to 20250123 WiFi Password weak credentials]
Points: 20
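
For administrators checking networks they own against the description above, the following audit is an added example, not code from the submission or from the vendor. It flags an SSID or passphrase that still has the provisioning shape and gives an upper bound on the passphrase search space; the 60-bit review threshold, the finding labels and the sample inventory are assumptions made for illustration.

```python
import math
import re
import string

# SSID shapes quoted in the description for routers left on initial settings.
DEFAULT_SSIDS = (
    re.compile(r"Airtel_[A-Za-z]{4}_[0-9]{4}"),  # Airtel_<4 alphabets>_<4 digits>
    re.compile(r"Airtel_[0-9]{10}"),             # Airtel_<10 digits>
)
# Initial password shape quoted in the description: "air" plus 5 digits.
DEFAULT_PSK = re.compile(r"air[0-9]{5}")
MIN_BITS = 60  # assumed review threshold, not a value from the report
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")


def search_space_bits(passphrase):
    """Upper bound, in bits, on the guesses needed to cover the passphrase."""
    if DEFAULT_PSK.fullmatch(passphrase):
        return math.log2(10 ** 5)  # only the 5-digit suffix varies
    alphabet = sum(len(c) for c in CLASSES if any(ch in c for ch in passphrase))
    return len(passphrase) * math.log2(alphabet) if alphabet else 0.0


def audit(ssid, passphrase):
    """Return finding labels for one network under our own administration."""
    findings = []
    if DEFAULT_PSK.fullmatch(passphrase):
        findings.append("default-passphrase")  # 100,000 candidates in total
    elif search_space_bits(passphrase) < MIN_BITS:
        findings.append("weak-passphrase")
    if any(p.fullmatch(ssid) for p in DEFAULT_SSIDS):
        findings.append("default-ssid")  # also exposes subscriber phone digits
    return findings


# Constructed sample inventory (not real networks).
SAMPLE = [
    ("home", "Airtel_abcd_1234", "air01234"),
    ("office", "Airtel_9999999999", "correct horse battery staple"),
    ("lab", "lab-net", "airtel2024"),
]

if __name__ == "__main__":
    for label, ssid, psk in SAMPLE:
        print(label, audit(ssid, psk), round(search_space_bits(psk), 1))
```

The bit figure is an upper bound from character classes only, so a passphrase built from dictionary words is weaker than the number suggests.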
