Oyo leaves customer data exposed due to a security flaw

Hospitality chain Oyo’s customer data is vulnerable to a breach because of a flaw in its security systems, a cybersecurity researcher said in a post on the professional networking site LinkedIn. The exposed data include booking IDs, phone numbers, the number of people staying in a room, the date of booking and the location.

“I used Oyo for the first time in my life, and once I checked in, it was compulsory to enter booking ID and phone number to access the WiFi,” Jay Sharma, who reported the vulnerability to the budget rooms provider in August, wrote on LinkedIn. “Why should anybody in the room be forced to share personal information via OTP (one-time password) verification to use WiFi?”

“I researched more and found that the HTTP & SSH ports were open, with no rate limit for the IP which was hosting this. Captcha was a 5-digit number generated by math.random(),” he wrote. “I created a way to brute force the login credentials while executing the captcha. Once login was brute-forced, all the historical data dating back to a few months was accessible.”

Sharma also warned users not to log in until “Oyo announces officially that they have fixed this issue.”

When contacted, Oyo said the vulnerability was confined to a single property and had been fixed immediately.

“We employ and invest heavily in the best in industry cyber security mechanisms including in-house security operation centers, internal and external vulnerability scans and network penetration tests, training developers on secure development practices amongst others,” an Oyo spokesperson said in a statement.

“Any vulnerability, no matter how limited-time or small is taken very seriously and looked into,” the spokesperson added.

Screenshots sha ..
