{"id":"https://openalex.org/W4213280295","doi":"https://doi.org/10.1155/2022/1833062","title":"Your WAP Is at Risk: A Vulnerability Analysis on Wireless Access Point Web-Based Management Interfaces","display_name":"Your WAP Is at Risk: A Vulnerability Analysis on Wireless Access Point Web-Based Management Interfaces","publication_year":2022,"publication_date":"2022-02-12","ids":{"openalex":"https://openalex.org/W4213280295","doi":"https://doi.org/10.1155/2022/1833062"},"language":"en","primary_location":{"id":"doi:10.1155/2022/1833062","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2022/1833062","pdf_url":"https://downloads.hindawi.com/journals/scn/2022/1833062.pdf","source":{"id":"https://openalex.org/S120683614","display_name":"Security and Communication Networks","issn_l":"1939-0114","issn":["1939-0114","1939-0122"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Communication Networks","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://downloads.hindawi.com/journals/scn/2022/1833062.pdf","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5087799945","display_name":"Efstratios Chatzoglou","orcid":"https://orcid.org/0000-0001-6507-5052"},"institutions":[{"id":"https://openalex.org/I98805295","display_name":"University of the Aegean","ror":"https://ror.org/03zsp3p94","country_code":"GR","type":"education","lineage":["https://openalex.org/I98805295"]}],"countries":["GR"],"is_corresponding":false,"raw_author_name":"Efstratios Chatzoglou","raw_affiliation_strings":["Department of Information & Communication Systems Engineering, University of the Aegean, Mytilene, Greece"],"raw_orcid":"https://orcid.org/0000-0001-6507-5052","affiliations":[{"raw_affiliation_string":"Department of Information & Communication Systems Engineering, University of the Aegean, Mytilene, Greece","institution_ids":["https://openalex.org/I98805295"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047345306","display_name":"Georgios Kambourakis","orcid":"https://orcid.org/0000-0001-6348-5031"},"institutions":[{"id":"https://openalex.org/I4210118689","display_name":"Joint Research Centre","ror":"https://ror.org/02qezmz13","country_code":"IT","type":"government","lineage":["https://openalex.org/I1320481043","https://openalex.org/I2800387288","https://openalex.org/I4210118689","https://openalex.org/I4210161702"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Georgios Kambourakis","raw_affiliation_strings":["European Union, Joint Research Centre, Ispra 21027, Italy"],"raw_orcid":"https://orcid.org/0000-0001-6348-5031","affiliations":[{"raw_affiliation_string":"European Union, Joint Research Centre, Ispra 21027, Italy","institution_ids":["https://openalex.org/I4210118689"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088023851","display_name":"Constantinos Kolias","orcid":"https://orcid.org/0000-0002-3020-291X"},"institutions":[{"id":"https://openalex.org/I155093810","display_name":"University of Idaho","ror":"https://ror.org/03hbp5t65","country_code":"US","type":"education","lineage":["https://openalex.org/I155093810"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Constantinos Kolias","raw_affiliation_strings":["Department of Computer Science, University of Idaho, Idaho Falls 83402, USA"],"raw_orcid":"https://orcid.org/0000-0002-3020-291X","affiliations":[{"raw_affiliation_string":"Department of Computer Science, University of Idaho, Idaho Falls 83402, USA","institution_ids":["https://openalex.org/I155093810"]}]}],"institutions":[],"countries_distinct_count":3,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5047345306"],"corresponding_institution_ids":["https://openalex.org/I4210118689"],"apc_list":{"value":2100,"currency":"USD","value_usd":2100},"apc_paid":{"value":2100,"currency":"USD","value_usd":2100},"fwci":1.3372,"has_fulltext":true,"cited_by_count":9,"citation_normalized_percentile":{"value":0.78881936,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":98},"biblio":{"volume":"2022","issue":null,"first_page":"1","last_page":"24"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.817965030670166},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6397265791893005},{"id":"https://openalex.org/keywords/vulnerability","display_name":"Vulnerability (computing)","score":0.5458800792694092},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.5126930475234985},{"id":"https://openalex.org/keywords/vulnerability-assessment","display_name":"Vulnerability assessment","score":0.4255017340183258},{"id":"https://openalex.org/keywords/denial-of-service-attack","display_name":"Denial-of-service attack","score":0.42086780071258545},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.3461708426475525},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.30190807580947876}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.817965030670166},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6397265791893005},{"id":"https://openalex.org/C95713431","wikidata":"https://www.wikidata.org/wiki/Q631425","display_name":"Vulnerability (computing)","level":2,"score":0.5458800792694092},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.5126930475234985},{"id":"https://openalex.org/C167063184","wikidata":"https://www.wikidata.org/wiki/Q1400839","display_name":"Vulnerability assessment","level":3,"score":0.4255017340183258},{"id":"https://openalex.org/C38822068","wikidata":"https://www.wikidata.org/wiki/Q131406","display_name":"Denial-of-service attack","level":3,"score":0.42086780071258545},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.3461708426475525},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.30190807580947876},{"id":"https://openalex.org/C542102704","wikidata":"https://www.wikidata.org/wiki/Q183257","display_name":"Psychotherapist","level":1,"score":0.0},{"id":"https://openalex.org/C15744967","wikidata":"https://www.wikidata.org/wiki/Q9418","display_name":"Psychology","level":0,"score":0.0},{"id":"https://openalex.org/C137176749","wikidata":"https://www.wikidata.org/wiki/Q4105337","display_name":"Psychological resilience","level":2,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1155/2022/1833062","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2022/1833062","pdf_url":"https://downloads.hindawi.com/journals/scn/2022/1833062.pdf","source":{"id":"https://openalex.org/S120683614","display_name":"Security and Communication Networks","issn_l":"1939-0114","issn":["1939-0114","1939-0122"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Communication Networks","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:26d6a76ab2b44cb58693d2671b078f10","is_oa":true,"landing_page_url":"https://doaj.org/article/26d6a76ab2b44cb58693d2671b078f10","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"Security and Communication Networks, Vol 2022 (2022)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1155/2022/1833062","is_oa":true,"landing_page_url":"https://doi.org/10.1155/2022/1833062","pdf_url":"https://downloads.hindawi.com/journals/scn/2022/1833062.pdf","source":{"id":"https://openalex.org/S120683614","display_name":"Security and Communication Networks","issn_l":"1939-0114","issn":["1939-0114","1939-0122"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319869","host_organization_name":"Hindawi Publishing Corporation","host_organization_lineage":["https://openalex.org/P4310319869"],"host_organization_lineage_names":["Hindawi Publishing Corporation"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Security and Communication Networks","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.6399999856948853}],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4213280295.pdf","grobid_xml":"https://content.openalex.org/works/W4213280295.grobid-xml"},"referenced_works_count":11,"referenced_works":["https://openalex.org/W2733765803","https://openalex.org/W2773235317","https://openalex.org/W2774161712","https://openalex.org/W2790360011","https://openalex.org/W2964522977","https://openalex.org/W2969468102","https://openalex.org/W2996478686","https://openalex.org/W3004171232","https://openalex.org/W3024317787","https://openalex.org/W3048918823","https://openalex.org/W3198037653"],"related_works":["https://openalex.org/W1883246888","https://openalex.org/W2370114625","https://openalex.org/W2947584067","https://openalex.org/W3118510577","https://openalex.org/W3157230915","https://openalex.org/W1496728123","https://openalex.org/W2062873522","https://openalex.org/W1756374135","https://openalex.org/W2789975780","https://openalex.org/W2007895524"],"abstract_inverted_index":{"This":[0],"work":[1,174],"provides":[2],"an":[3,51],"answer":[4,30],"to":[5,80,98,165,207],"the":[6,11,16,43,114,117,121,126,133,138,149,167,176,181,196],"following":[7],"key":[8],"question:":[9],"Are":[10],"Web-based":[12,188],"management":[13],"interfaces":[14,45,189],"of":[15,24,46,54,63,77,106,136,144,180,184,187,198],"contemporary":[17],"off-the-shelf":[18],"wireless":[19],"access":[20],"points":[21],"(WAP)":[22],"free":[23],"flaws":[25],"and":[26,95,102,108,125,157,202,218],"vulnerabilities?":[27],"The":[28],"short":[29],"is":[31,204],"not":[32],"very":[33],"much.":[34],"That":[35],"is,":[36],"after":[37],"performing":[38],"a":[39,60,210],"vulnerability":[40],"assessment":[41],"on":[42,159],"Web":[44,140],"six":[47],"different":[48],"WAPs":[49,199],"by":[50,154],"equal":[52],"number":[53,62],"diverse":[55],"renowned":[56],"vendors,":[57],"we":[58,147],"reveal":[59],"significant":[61],"assorted":[64],"medium-to-high":[65],"severity":[66],"vulnerabilities":[67,78],"that":[68,162,190],"are":[69,84,163],"straightforwardly":[70],"or":[71,130],"indirectly":[72],"exploitable.":[73],"Overall,":[74],"13":[75],"categories":[76],"translated":[79],"28":[81],"zero-day":[82],"attacks":[83,97],"exposed.":[85],"Our":[86],"findings":[87],"range":[88],"from":[89],"legacy":[90],"path":[91],"traversal,":[92],"cross-site":[93],"scripting,":[94],"clickjacking":[96],"HTTP":[99],"request":[100],"smuggling":[101],"splitting,":[103],"replay,":[104],"denial":[105],"service,":[107],"information":[109],"leakage":[110],"among":[111],"others.":[112],"In":[113],"worst-case":[115],"scenario,":[116],"attacker":[118],"can":[119],"acquire":[120],"administrator\u2019s":[122],"(admin)":[123],"credentials":[124],"WAP\u2019s":[127,139],"Wi-Fi":[128],"passphrases":[129],"permanently":[131],"lock":[132],"admin":[134],"out":[135,200],"accessing":[137],"interface.":[141],"On":[142],"top":[143],"everything":[145],"else,":[146],"identify":[148],"already":[150],"applied":[151],"hardening":[152],"measures":[153],"these":[155],"devices":[156],"elaborate":[158],"extra":[160],"countermeasures":[161],"required":[164],"tackle":[166],"identified":[168],"weaknesses.":[169],"To":[170],"our":[171],"knowledge,":[172],"this":[173,185,216],"contributes":[175],"first":[177],"wholemeal":[178],"appraisal":[179],"security":[182],"level":[183],"kind":[186],"go":[191],"hand":[192],"in":[193,215],"glove":[194],"with":[195],"myriads":[197],"there,":[201],"it":[203],"therefore":[205],"anticipated":[206],"serve":[208],"as":[209],"basis":[211],"for":[212],"further":[213],"research":[214],"timely":[217],"challenging":[219],"field.":[220]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":3}],"updated_date":"2026-05-21T06:26:12.895304","created_date":"2025-10-10T00:00:00"}