DJI Drones
DJI Drones | Image source: Wired

Researchers have found a serious problem that threatens the security of individuals alongside business enterprises. The researchers have found security vulnerabilities in the DJI drone web app that can trigger remote hacks. By searching for this vulnerability, the attacker may have access to users accounts, personal details, and important information.

According to the reports, the security defects were found in the DJI drone web app, and the checkpoint research recently discovered the security vulnerabilities targeting the DJI drones. Without any warning or any problems, attackers can access the personal data of the DJI drone users.

When the problem was discovered by researchers, the vulnerability was in the DJI's identification process. So that the attacker could hack a targeted account. It was explained by CPR in the below-given paragraph, 

"The DJI uses a cookie that the attacker can get to identify a user and access to his platform by using tokens or tickets. By using this cookie, an attacker can easily hijack and use any user's account and takes full control over any DJI mobile app, web account or DGI Flight Hub account". 

There is no special strategy required to search for bugs. The user might be suffering from a possible attack by clicking on a malicious link shared in the attacker's post on the DJI platform. Eventually, this will be the result of a cross-site scripting (XSS) attack, allowing the attacker to access the victim's account.

This attack can disclose sensitive data to hackers, such as photos, drones flight logs, live maps and camera views, videos and the profile information taken of victim's. 

DJI Released Patch

This vulnerability was first found in March. Then they immediately informed about this issues to the DJI. The vendors take about six months to catch the defect, so researchers have not recently disclosed their findings.

According to the CPR, the DJI gave an adequate response to its report. However, when they found the bug's high-risk factor, they considered it a less likely flaw due to the trick of exploitation methods. In addition, the DJI confirmed that the faults remained unchanged.

For more Trending News on Tech & Gadgets and Drones, Stay tuned with us on FoxSplit. To stay in touch, you can follow us on
Facebook, Google+, and Twitter