Category: Advisories

  • Advisory: iOS 14 and Android 10 – How do randomized MAC addresses affect your network?

    Last Updated: 15 Oct 2020. Publication Date: 24 Sep 2020. What is Randomized MAC and what is it for? With the recent launch of iOS 14 and Android 10, a new feature has been introduced that configures the phone to use a randomized MAC address when connecting to a WiFi network. The feature is enabled by default […]

  • Advisory: HTTPS Walled Garden URLs for Payment Gateways

    We have added HTTPS walled garden URLs for payment gateways. In doing so, we are effectively decommissioning the IP address-based walled garden configuration. Here is a list of relevant HTTPS walled garden URLs for all supported payment gateways. Columns: Payment Gateway, Mode, Required exact-match HTTPS walled garden entries. Authorize.Net Accept.js, Production: api.authorize.net, js.authorize.net; Test: apitest.authorize.net, jstest.authorize.net. Authorize.Net SIM […]

  • Advisory: Instagram Deprecated Portal Login [UPDATED]

    Last Updated: Oct 15, 2020. The Instagram direct login issue has been resolved with the recent ANTlabs Update #41 for both IG 4 and SG 4. Admins are advised to apply the latest update on their gateways to ensure a smoother login flow. After updating gateways to Update #41, using the Instagram login method now […]

  • Advisory: WeChat Deprecated Portal Login

    WeChat disabled the portal login function for their WiFi on 19 Aug 2019, due to the tightened security restrictions of iOS 13 and Android Q. With this change, ANTlabs’ WeChat direct login will not work anymore. Our Engineering Team is still analyzing whether there is a replacement for this. This advisory shall be updated as soon […]

  • Advisory: Slow Captive Portals on iOS

    Publication Date: 7 July 2019. Last Updated: 27 August 2019. It has come to our attention that some users have been experiencing a delay in loading captive portals on Apple devices. The said delay sometimes takes up to a minute. This behavior has been observed on devices that are on iOS 12. It was also observed […]

  • Advisory: Root privilege escalation from authenticated local console account vulnerability

    Publication Date: 1 Sep 2018. Last Updated: 5 Sep 2018. Description: We are aware of a security vulnerability where a local console account user can perform root privilege escalation. Impact: This is a medium-severity security vulnerability, as a local authenticated non-privileged console user can gain root privilege access to the gateway. If remote shell access […]

  • Advisory: Captive Portal Redirection for HTTPS Websites

    What to do when users get browser and smartphone security warnings when connecting to your network. ANTlabs gateways have a unique feature that can redirect HTTPS web requests to the captive portal or landing page. This feature was very useful earlier, in comparison to competitors that can only redirect HTTP web requests, thus enhancing […]

  • Advisory: Intel Spectre and Meltdown

    Publication Date: 10th Jan 2018. Last Updated: 19th Jan 2018. Version 1.04: Interim. Description: On 3rd January 2018, 3 vulnerabilities were disclosed for Intel microprocessors that could allow an attacker who has local access to a server to read privileged information belonging to other processes or the operating system by installing and executing a malicious […]

  • Advisory: Fidelio Opera Ignoring DB Sync Request from ANTlabs Gateways

    Publication Date: 17 November 2016. Description: There is a PMS default setting on the Fidelio Opera system which specifies that the PMS will ignore DB sync requests less than 60s. With this default setting configured, the Opera PMS will ignore all DB sync requests that it receives from our gateway within 60s of establishing a connection. This […]

  • Advisory: DROWN Vulnerability (CVE-2016-0800)

    Publication Date: 7 March 2016. Updated: 15 March 2016. Description: A vulnerability that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Traffic between clients and non-vulnerable servers can be decrypted if another server supporting SSLv2 and EXPORT ciphers shares the […]