Simple Web requests reveal admin user name, password, WEP key, and SSID: 3Com has fixed the glaring hole as of Jan. 19 based on an iDefense report that was provided to them in advance and released yesterday. 3Com users of the affected equipment are obviously advised to immediately update. It's unclear whether the URLs noted in the report are easily available over the Internet: a quick Google check using "inurl:" (looking for text in an URL) didn't spot any 3Com routers. It's likely that remote administration has to be enabled. [link via Frederick Wamsley, the expert behind Beryllium Sphere]