I had recently purchased a HP R110 Wireless 11n VPN AM Router (Product No: J9974A).
I had noticed that it by default communicates via http instead of https, the reason this is an issue is that every single request the user sends after logging in is sent with the login and password in get/post requests to the router.
I apologize for the bad “screenshot” phone camera photo.
The ‘username=admin; password=admin’ shows up in every request after login. I used the default credentials in this example so that i didn’t give my own away.
This might not seem like a big deal but anyone sniffing the network could obtain these credentials.
Matt Landers 