Stories
Slash Boxes
Comments

SoylentNews is people

Dishwasher has Directory Traversal Bug

posted by on Wednesday March 29 2017, @11:28AM   Printer-friendly
from the let's-make-the-Internet-squeaky-clean dept.

davidjohnpaul writes:

A directory traversal bug has been found in a Miele dishwasher. This allows access to arbitrary files on the dishwasher's Web server from unauthenticated users. It has been questioned whether appliance makers should be the ones connecting things to networks, since their lack of experience means there isn't even an official channel to report or fix security bugs. Miele are yet to comment.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Dishwasher has Directory Traversal Bug | Log In/Create an Account | Top | 69 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by EvilSS on Wednesday March 29 2017, @03:45PM

    by EvilSS (1456) Subscriber Badge on Wednesday March 29 2017, @03:45PM (#485963)
    Because it's not a dishwasher, it's a lab washer the size of a large commercial refrigerator designed for washing/disinfecting labware. It has Ethernet and RS232 to allow access for configuration, maintenance, and monitoring. This isn't something you would have in your home and it's not something that would, by default, be exposed to the internet but on the local network.

    Not saying that it's not a problem and needs to be fixed, but the author of that article really click-baited it up to make it look like a consumer IoT issue. In the original bug report it is not called a dishwasher.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2