The following major security enhancements have been implemented in the 2.4 release:
WIFI-5770 - The RTTYS version in use has known security flaws; these are to be resolved in upcoming releases.
Issue / Description / Resolution

Description: Password reset and email verification procedures can be exploited by an adversary who has obtained a user ID.
Resolution: Hardened action-link generation with UUIDs.

Description: Cloud services do not log sensitive events that occur at runtime.
Resolution: Implemented security logs to collect evidence that can help with incident investigation.

Description: Weak password hash computation is vulnerable to rainbow-table attacks.
Resolution: Hardened password hash computation with salting.

Description: Hardcoded default password is vulnerable to password-guessing attacks.
Resolution: Implemented a forced password change on first login and replaced the hardcoded password with a hash.

Description: Some API responses leak user secrets by revealing password hashes.
Resolution: Removed password hashes from API responses.

Description: Some API responses reveal the server version, which an adversary can use to select exploits against it.
Resolution: Removed the server version from API responses.

Description: The API 'system' command leaks the internal file tree by revealing absolute paths of certificate files.
Resolution: Replaced absolute certificate paths with file names.

Description: Cloud services are vulnerable to black-box exploitation attempts, brute forcing, credential stuffing and DDoS.
Resolution: Implemented IP-based rate limiting for API endpoints.

Description: Weak UUID generation with reduced entropy.
Resolution: Hardened UUID generation by increasing entropy.

Description: RTTY-enabled APs can be taken over by an adversary who reaches the dedicated RTTYS management interface using the default hardcoded credentials.
Resolution: Hardened RTTYS access by randomizing the default credentials at deployment.
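The rows on weak password hashing and the hardcoded default password describe the problem only in one line each. The following is an added example, not code from the OpenWiFi project, showing why an unsalted digest falls to a precomputed (rainbow) table and how a per-user random salt with PBKDF2 defeats it. The `COMMON_PASSWORDS` wordlist and the `$`-separated record format are constructed for the example and are not the project's storage format.

```python
"""Added example (not OpenWiFi code): unsalted hash vs. salted PBKDF2."""
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional

# Constructed wordlist standing in for what an attacker precomputes.
COMMON_PASSWORDS = ["openwifi", "admin", "password", "letmein", "12345678"]


def weak_hash(password: str) -> str:
    """Unsalted SHA-256: the same password always yields the same digest,
    so one precomputed table cracks every account that uses it."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(wordlist: Iterable[str]) -> Dict[str, str]:
    """Attacker side: precompute digest -> plaintext once, reuse forever."""
    return {weak_hash(p): p for p in wordlist}


def crack_weak(digest: str, table: Dict[str, str]) -> Optional[str]:
    """O(1) lookup against the precomputed table."""
    return table.get(digest)


def salted_hash(password: str, salt: Optional[bytes] = None,
                rounds: int = 200_000) -> str:
    """PBKDF2-HMAC-SHA256 with a random 16-byte salt. The salt is stored in
    the record (it is not secret) so the hash can be recomputed at login;
    a table built without that salt no longer matches anything."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    # Hypothetical record layout: algo$rounds$salt_hex$hash_hex
    return f"pbkdf2_sha256${rounds}${salt.hex()}${dk.hex()}"


def verify_salted(password: str, stored: str) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _algo, rounds, salt_hex, dk_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(rounds))
    return hmac.compare_digest(dk.hex(), dk_hex)


def demo():
    """Returns (cracked_weak, cracked_salted, good_login, bad_login)."""
    table = build_lookup_table(COMMON_PASSWORDS)
    cracked = crack_weak(weak_hash("openwifi"), table)      # "openwifi"
    record = salted_hash("openwifi")
    # The attacker tries the same table against the salted digest: no hit.
    not_cracked = crack_weak(record.split("$")[-1], table)   # None
    return cracked, not_cracked, \
        verify_salted("openwifi", record), verify_salted("Openwifi", record)


if __name__ == "__main__":
    print(demo())
```

Two users with the same password now get different records (`salted_hash("x") != salted_hash("x")`), which is exactly what makes precomputation useless. The iteration count is the other half of the defence: it makes per-guess cracking expensive even after the salt is known.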
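The rows on action-link generation and on UUID entropy are related: a reset link is only as strong as the token in it. The example below is added here and is not OpenWiFi code. `predictable_token` is a hypothetical illustration of how a link becomes guessable once it is derived from the user ID; `ActionLinkStore` shows the hardened pattern: a version-4 UUID (122 random bits from the OS CSPRNG), stored only as a digest, single-use, and expiring. Time is passed in explicitly so the expiry path can be exercised deterministically.

```python
"""Added example (not OpenWiFi code): guessable vs. random action links."""
import hashlib
import uuid
from typing import Dict, Optional, Tuple


def predictable_token(user_id: str) -> str:
    """Hypothetical weak scheme: the token is a pure function of the user
    ID, so anyone who learns the ID can regenerate the reset link."""
    return hashlib.md5(user_id.encode()).hexdigest()


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode()).hexdigest()


class ActionLinkStore:
    """Issues single-use, expiring tokens for password reset / email
    verification. Only a SHA-256 of each token is kept server-side, so a
    dumped table cannot be replayed as live links."""

    def __init__(self, ttl_seconds: float):
        self.ttl = ttl_seconds
        self._pending: Dict[str, Tuple[str, float]] = {}

    def issue(self, user_id: str, now: float) -> str:
        # uuid4() draws from os.urandom; unlike uuid1() it embeds neither
        # a timestamp nor the host's node id, so it cannot be narrowed down.
        token = str(uuid.uuid4())
        self._pending[_digest(token)] = (user_id, now + self.ttl)
        return token

    def redeem(self, token: str, now: float) -> Optional[str]:
        """Returns the user ID on success, None if unknown, used or expired.
        pop() makes the token single-use even when it is expired."""
        entry = self._pending.pop(_digest(token), None)
        if entry is None:
            return None
        user_id, expires_at = entry
        if now > expires_at:
            return None
        return user_id


def uuid1_shares_node(n: int = 3) -> bool:
    """Shows the 'reduced entropy' failure mode: every uuid1() from one
    host carries the same 48-bit node field and a monotonically increasing
    timestamp, leaving few bits an attacker must actually guess."""
    return len({uuid.uuid1().node for _ in range(n)}) == 1


if __name__ == "__main__":
    store = ActionLinkStore(ttl_seconds=600)
    t = store.issue("u-1001", now=1000.0)
    print(store.redeem(t, now=1100.0), store.redeem(t, now=1100.0))
```

Because the store keys on a digest, the raw token exists only in the e-mail that is sent; combine this with a short TTL and invalidation of all pending tokens when the password actually changes.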
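The rate-limiting row says only that the limit is IP-based. The following added example, not the project's own gateway code, is a sliding-window limiter keyed on the client address, run over a constructed request log in which one host hammers a hypothetical `/login` endpoint while another behaves normally. The path names and addresses are made up for the example.

```python
"""Added example (not OpenWiFi code): per-IP sliding-window rate limiter."""
from collections import defaultdict, deque
from typing import Deque, Dict, Iterable, List, Tuple


class IpRateLimiter:
    """Allow at most max_requests per client IP in any window_seconds span."""

    def __init__(self, max_requests: int, window_seconds: float):
        self.max_requests = max_requests
        self.window = window_seconds
        # ip -> timestamps of the accepted requests still inside the window
        self._hits: Dict[str, Deque[float]] = defaultdict(deque)

    def allow(self, ip: str, now: float) -> bool:
        q = self._hits[ip]
        # Expire timestamps that have slid out of the window.
        while q and now - q[0] >= self.window:
            q.popleft()
        if len(q) >= self.max_requests:
            return False          # caller answers 429 Too Many Requests
        q.append(now)
        return True


# Constructed request log: (timestamp, client ip, path).
# 10.0.0.9 fires 8 login attempts in 1.5 s and returns 11 s later;
# 10.0.0.5 is a normal client.
SAMPLE_REQUESTS: List[Tuple[float, str, str]] = [
    (0.0, "10.0.0.5", "/login"),
    (0.1, "10.0.0.9", "/login"),
    (0.3, "10.0.0.9", "/login"),
    (0.5, "10.0.0.9", "/login"),
    (0.7, "10.0.0.9", "/login"),
    (0.9, "10.0.0.9", "/login"),
    (1.1, "10.0.0.9", "/login"),
    (1.3, "10.0.0.9", "/login"),
    (1.5, "10.0.0.9", "/login"),
    (2.0, "10.0.0.5", "/login"),
    (4.0, "10.0.0.5", "/login"),
    (11.0, "10.0.0.9", "/login"),
]


def run(requests: Iterable[Tuple[float, str, str]],
        max_requests: int = 5, window: float = 10.0) -> Dict[str, List[bool]]:
    """Replays the log and returns, per IP, the allow/deny verdict per request."""
    limiter = IpRateLimiter(max_requests, window)
    verdicts: Dict[str, List[bool]] = defaultdict(list)
    for ts, ip, _path in requests:
        verdicts[ip].append(limiter.allow(ip, ts))
    return dict(verdicts)


if __name__ == "__main__":
    for ip, v in run(SAMPLE_REQUESTS).items():
        print(ip, v)
```

Two caveats a deployment should check: the key must be the real client address, so `X-Forwarded-For` may only be trusted when it was set by your own proxy (otherwise the attacker picks the bucket), and a per-IP limit slows brute forcing from one host but not credential stuffing spread across many; pair it with per-account lockout or step-up verification for the login and reset endpoints.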