Home » Gadgets » FCC Security Gap: The FCC Accepts Malware Uploads

FCC Security Gap: The FCC Accepts Malware Uploads

Monday, September 4th, 2017 | Gadgets

The Federal Communications Commission (FCC) is the top telecom regulator in the US – but in terms of security, An incorrectly configured API allowed users to upload any file up to 25 MB in size. After the upload, the files are available worldwide via link. Verified are uploads with the file extensions PDF, GIf, Elf, Exe and MP4.

The blogger Guise Bule had reported on the error by referring to an anonymous source. In fact, there are many publicly available documents that are not from the FCC itself. Referring to the controversial discussion about the abolition of the rules on net neutrality in the US, this is about: "Fuck Net Neutrality. God bless America".
No special hacking skills required
The exploitation of the gap, which has now been rectified, did not require any special knowledge. It was enough to get a key for the API according to the FCC documentation. The desired documents could be uploaded. Depending on whom the security gap is used, it can be more than just embarrassing. In addition to protest messages to the FCC, attackers could also host malware or phishing campaigns on a server with an official government address.
The uploaded documents are still available. New API keys are not currently available, but a key for demonstration purposes on the Web page will continue to work.

Related

Sinead O'connor Vegan

Sinead O'connor Vegan Sinead O'connor Vegan Vlogs Uni Exkursion | VLOG Q&A Teil

Chris Cornell Playlist

Chris Cornell Playlist Chris Cornell Playlist Vlogs Pearl Jam – Daughter Official site

Mother and child found dead - suspect fl

A 24-year-old mother and her six-year-old child were found dead on the Monday

Sinead O'connor Queen Victoria

Sinead O'connor Queen Victoria Sinead O'connor Queen Victoria Vlogs "Only You" – SinĂ©ad