Novatel’s MiFi 2200 3G/Wi-Fi combo modem/router sold by Verizon and Sprint has been exploited and two major security vulnerabilities have been discovered.
The biggest vulnerabilities found are silent remote activation of the GPS functionality even when the user has turned it off, and complete exposure of the Wi-Fi security key and device configuration in plain text when the user visits a site with malicious JavaScript.
Novatel has yet to issue a statement regarding the issue.
Update: Novatel representative Kevin Thomson has released the following statement on the issue to PhoneNews.com:
I saw your posting regarding the MiFi security issue and I wanted to get in contact with the official Novatel Wireless statement.
MiFi has CGI parameters that are intentionally programmable so that developers can read or change MiFi settings and build browser-based widgets. Most of these are openly published by Novatel.
There are other CGI settings not published for MiFi that are accessible only when a user surfs to a malicious web site and stays connected to that site. The nature of the threat is better characterized by the ability of the hacker to change MiFi settings, only when connected to the malicious site, and does not provide access to the user’s personal data. The exception to this is location data such as GPS.
In this instance, the user location data is visible only when the user is connected to the malicious site and GPS is activated. No malware remains on MiFi when the user disconnects from the malicious site. Any data received or sent through MiFi is secure. Novatel will provide a patch going forward.