View on GitHub

IoPT App

We are here to improve the SoHo security a bit!

Get it on Google Play

This issue occurs due to an error within the HTTP cookie management mechanism that allows any user to determine the Fortune of a request by manipulating cookies. An attacker can exploit this issue to corrupt memory and alter the application state by sending specially crafted HTTP cookies. This can be further exploit to gain the administrative privileges for the current session by tricking the attacked device.


Check for firmware updates from your device vendor addressing Misfortune Cookie, apply the update as it is released. Another option would be configuring your current gateway as a bridge and using a second secure device as your Internet dialer/gateway. If you have a vulnerable device owned and managed by your service provider, you can contact your customer support with the request to fix.