On the security of IoT devices

According to Cisco’s Annual Internet Report, nearly two-thirds of the global population will have Internet access by 2023. The number of devices connected to IP networks will be more than three times the number of people in the world. The consumer segment will have a nearly three-fourths share of total devices and connections. Moreover, IoT devices will account for 50 percent of all networked devices, and about a third will be wireless.
On the other hand, there has been a rise in the number of people working remotely due to the global pandemic during the last years. Because of this, the security of a company’s network can also depend on the security of the home network of its employees. However, home networks are far from hardened, and most consumer internet-connected devices have a reputation for being vulnerable.
After reflecting on these observations, Faraday’s research team has embarked on a new mission to find and report security vulnerabilities in IoT devices. We invite you to read the first in a series of posts that will discuss the vulnerabilities we find and the techniques and lessons learned along the way: Bypassing password protection and getting a shell through UART in NEC Aterm WR8165N Wi-Fi router. We opted to share our insights since it’s in our best interest to boost the knowledge of the community about these devices’ inner workings to facilitate vulnerability discovery and, in consequence, make this ecosystem more secure.
Check out the first part of this cybersecurity report👇
Bypassing password protection and getting a shell through UART in NEC Aterm WR8165N Wi-Fi router
Source:
Related Posts
September 22, 2025
Lanzamiento Faraday v5.16
¡Bienvenido a la nueva versión de nuestra plataforma de Gestión de Vulnerabilidades! Esta actualización introduce filtros granulares por…
September 22, 2025
Faraday v5.16
Welcome to Faraday v5.16, the new version of our Vulnerability Management platform! This update introduces granular filters by date and…
September 11, 2025
Content-Security Policy (CSP) y cómo (no) confiar ciegamente en ella
El Content-Security Policy (CSP) es una de las defensas más efectivas contra vulnerabilidades del tipo Cross-Site Scripting (XSS) y ataques…