The WG-C10 Wireless Portable Server, released in April 2013, uses the open source software DNSmasq and the wireless network encryption standard Wi-Fi Protected Access II (WPA2). Based on recent industry reports, these two technologies have been discovered to have vulnerabilities as follows.*
*CERT Vulnerability Notes Database (English)
- Dnsmasq contains multiple vulnerabilities
- žWi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
To ensure security and protect your devices against malicious attackers utilizing these vulnerabilities, please follow the instructions as described below:
1. Use a Direct Connection with your devices
When you connect the WG-C10 to your smartphone or tablet, use a direct wireless connection without using a wireless LAN access point.
- Help Guide
2. Set up a wireless LAN password and access password
To use your WG-C10 safely, please make sure to configure the security settings on your WG-C10 according to the details in the Help Guide (please see the links below). If you give your wireless LAN password or access password to others for the purpose of sharing files, we highly recommend that you change your password immediately afterwards.
- Help Guide
3. Choose a secure place when connecting to the Internet
The WG-C10 lets you connect to the Internet through a wireless LAN router. If you need to use this feature to connect to the Internet from your smartphone or tablet, choose a secure place (such as within your home) that is difficult for others to access your Internet connection.
4. Avoid Using Public Wireless LAN Services
Some public LAN services are not sufficiently secure and allow an unspecified number of users to connect. For the sake of security, we highly recommend that you avoid connections from your WG-C10 to public wireless LAN services.