Warning: Proven Security Issue on MiFi 3G routers. (Updated with Novatel response)

Posted on 18 January 2010, Last updated on 01 April 2019 by

I’ve been extremely happy with the Mifi 2352 (and the Sprint version I used at CES) We voted it mobile gadget of the year and have previously highlighted it for ease of use and its ability to improve security over open hotspots. Unfortunately we’re going to have to retract the latter statement because of a serious security issue based around multiple vulnerabilities. The latest update highlights the ultimate danger.


@aramosf posted to twitter that the MiFi’s config can be directly accessed without authentication. If you combine his attack with the above attacks it turns out that an attacker can download the entire device configuration, including clear text credentials!

The hack has been proven on the Verizon version of the Mifi but we’d recommend caution for all Mifi users. Keep your Mifi out of view when in use and hide the SSD if possible.

Combined with further software installed on the application processor version of the MiFi, the 2352, it’s not difficult to imagine a situation where the MiFi is turned into a traffic logger.

We’ve contacted Novatel for a statement and will update you here on the latest.

Latest from Novatel:

MiFi has CGI parameters that are intentionally programmable so that developers can read or change MiFi settings and build browser based widgets.  Most of these are openly published by Novatel.  There are other CGI settings not published  for MiFi that are accessible only when a user surfs to a malicious web site and stays connected to that site.  The nature of the threat is better characterized by the ability of the hacker to change MiFi settings, only when connected to the malicious site, and does not provide access to the user’s personal data.  The exception to this is location data such as GPS.  In this instance, the user location data is visible only when the user is connected to the malicious site and GPS is activated.  No malware remains on MiFi when the user disconnects from the malicious site.  Any data received or sent through MiFi is secure.  Novatel will provide a patch going forward.

Search UMPCPortal

Find ultra mobile PCs, Ultrabooks, Netbooks and handhelds PCs quickly using the following links:

Acer Aspire Switch 10
10.1" Intel Atom Z3745
Acer C740
11.6" Intel Celeron 3205U
Dell Latitude E7440
14.0" Intel Core i5-4200U
Acer Aspire E11 ES1
11.6" Intel Celeron N2840
ASUS Zenbook UX305
13.3" Intel Core M 5Y10a
Lenovo Ideapad Flex 10
10.1" Intel Celeron N2806
Samsung Q1
7.0" Intel Celeron-M
Acer TravelMate B113
11.6" Intel Core i3
Dell Chromebook 11
11.6" Intel Celeron 2955U
HP Elitebook 820 G2
12.5" Intel Core i5 5300U