CVE-2015-0558: Reverse-engineering the default WPA key generation algorithm for Pirelli routers in Argentina
http://ednolo.alumnos.upv.es/?p=1883
Citar
*Timeline :
2014-09-11 Found the algorithm
2014-09-12 Send a message to @ArnetOnline via Twitter @enovella_
2014-09-15 Send a message via website, still looking for a simple mail (http://www.telecom.com.ar/hogares/contacto_tecnico.html)
2014-09-16 Send another message to Arnet via website. First reply via twitter where they redirect me to the website form.
2014-09-19 Direct message via twitter. I talk with them about the critical vulnerability and offer them an email with PGP key
2014-09-20 More twitter PM about the same. They do not want to be aware about the problem though.
2014-09-23 I assume that Arnet does not care about its clients' security at all regarding its little interest.
2014-09-24 I send the problem to the vendor ADB Pirelli via website form
2014-09-28 I send the problem to the vendor ADB Pirelli via email to Switzerland
2015-01-05 Full disclosure
2014-09-11 Found the algorithm
2014-09-12 Send a message to @ArnetOnline via Twitter @enovella_
2014-09-15 Send a message via website, still looking for a simple mail (http://www.telecom.com.ar/hogares/contacto_tecnico.html)
2014-09-16 Send another message to Arnet via website. First reply via twitter where they redirect me to the website form.
2014-09-19 Direct message via twitter. I talk with them about the critical vulnerability and offer them an email with PGP key
2014-09-20 More twitter PM about the same. They do not want to be aware about the problem though.
2014-09-23 I assume that Arnet does not care about its clients' security at all regarding its little interest.
2014-09-24 I send the problem to the vendor ADB Pirelli via website form
2014-09-28 I send the problem to the vendor ADB Pirelli via email to Switzerland
2015-01-05 Full disclosure