Hotel Wi-Fi router security hole: will this be the Ultimate Pwnie Award Winning Bug for 2015? by Paul Ducklin.
Paul has a highly amusing account of the Pwnie awards and his choice for 2015: CVE-2015-0932, Vulnerability Note VU#930956.
The security hole at issue:
…
Multiple ANTlabs InnGate models allow unauthenticated read/write to filesystem.
Simply put, some versions of a popular hotel internet access server – those portals you interact with to get Wi-Fi access while you’re at a conference centre or staying in a hotel – can be completely drained of data, and then reprogrammed arbitrarily, via the outside (internet-facing) interface.
Without any authentication.
…
See Paul’s post for all the details, including a very lucid discussion of rsync that is guaranteed to hold you attention.
Paul also has suggestions for avoiding unpatched ANTlabs InnGate hotel internet access servers.
You can even help your local hotel community by finding unpatched servers. Say near law enforcement conferences. The Department of Homeland Security has helpfully made a list of law enforcement meetings for 2015. (I have a copy just in case it disappears.)