WPS brute force attack

 

A flaw in the Wi-Fi Alliance’s WPS specification allows a hacker with a password-generating tool to guess passwords within a few hours (known as a brute-force attack). If a hacker launches a brute-force attack on WPS and retrieves the PIN for the wireless network, the hacker gains access to the user’s wireless network data.
This flaw exists in all WPS-enabled wireless devices.

Zyxel recommends the following settings to prevent the attack:

  1. Do not use the WPS PIN Configuration method (see your product’s documentation).
  2. Use WPA2 encryption with a long password mixing letters and numbers.
  3. Disable UPnP.
  4. Enable MAC address filtering and allow only known computers to access your wireless network.
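
The four settings above can be checked mechanically. The following is an added example, not Zyxel's code: it assumes an access point configured through a hostapd-style key=value file (Zyxel products are configured through their own interface) and maps each recommendation to a hostapd option. The 16-character minimum, the sample configurations and the file path are assumptions made for illustration.

```python
import re

MIN_PASSPHRASE_LEN = 16  # assumption: the advisory says "long" without giving a number

def parse_conf(text):
    """Parse hostapd-style key=value lines, skipping blanks and # comments."""
    lines = (l.strip() for l in text.splitlines())
    pairs = (l.split("=", 1) for l in lines if "=" in l and not l.startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def audit(text):
    """Return one finding per recommendation that the configuration does not meet."""
    c = parse_conf(text)
    findings = []
    # 1. WPS off: wps_state=0 (hostapd's default) disables WPS, including the PIN method.
    if c.get("wps_state", "0") != "0":
        findings.append("wps: WPS is enabled (wps_state != 0)")
    # 2. WPA2 only (wpa=2; wpa=3 also allows WPA1) with a long mixed passphrase.
    if c.get("wpa", "0") != "2":
        findings.append("wpa: not WPA2-only (wpa != 2)")
    psk = c.get("wpa_passphrase", "")
    mixed = re.search(r"[A-Za-z]", psk) and re.search(r"\d", psk)
    if len(psk) < MIN_PASSPHRASE_LEN or not mixed:
        findings.append("passphrase: too short or not mixing letters and numbers")
    # 3. UPnP off: in hostapd, upnp_iface turns on the WPS UPnP interface.
    if "upnp_iface" in c:
        findings.append("upnp: upnp_iface is set")
    # 4. MAC allow-list: macaddr_acl=1 rejects stations not listed in accept_mac_file.
    if c.get("macaddr_acl", "0") != "1" or "accept_mac_file" not in c:
        findings.append("mac: no allow-list (macaddr_acl != 1 or accept_mac_file missing)")
    return findings

# Constructed sample configurations, not taken from any real device.
WEAK = """ssid=home
wpa=3
wpa_passphrase=summer2012
wps_state=2
upnp_iface=br0"""
HARDENED = """ssid=home
wpa=2
wpa_passphrase=r7kq2mzx94hd0vtp3w
macaddr_acl=1
accept_mac_file=/etc/hostapd.accept"""

if __name__ == "__main__":
    print("weak:", audit(WEAK))
    print("hardened:", audit(HARDENED))
```

An empty list means all four recommendations are met; router-level UPnP services outside hostapd are not covered by this check.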

For more information on this vulnerability, please see www.kb.cert.org/vuls/id/723755.

For Zyxel products offered through Internet service providers (ISPs), please contact your ISP if you require further details.