( < fortune cookie, "õnnekook")

olemus
koogimehhanismi turvaauk
paarisaja marsruuterimudeli sisseehitatud tarkvaras,
ammune, kuid avastati 2014. a. lõpul;
kahjurkooki sisaldava paketi saatmise teel
võib ründaja saada seadme oma kontrolli alla
=
a vulnerability in the firmware of certain network routers: the attacker can send a crafted HTTP cookie to the vulnerable system's web-management portal, where the attacker's content overwrites the device memory whereas the contents of the cookie act as command to the router

ülevaateid
https://www.hkcert.org/security-bulletin/misfortune-cookie-vulnerability-on-multiple-broadband-routers

https://en.wikipedia.org/wiki/Misfortune_Cookie_(computers)

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9222

https://blog.checkpoint.com/2014/12/18/misfortune-cookie-the-hole-in-your-internet-gateway-3/