At least 28 backdoors and many other vulnerabilities were discovered in the firmware of the popular FTTH ONT router, which is widely deployed throughout South America and Southeast Asia.
FTTH ONT stands for Fiber-to-the-Home Optical Network Terminal. These are special Appliances placed at the end of fiber optic cables. Their role is to convert optical signals sent through optical fibers into classic Ethernet or WiFi connections.
FTTH ONTs are usually installed in apartment buildings or in homes or businesses that choose gigabit subscriptions.
In a report published last weekteam, security researcher Pierre Kim reported that he found too many security vulnerabilities with FiberHome HG6245D and FiberHome RP2602, two models of FTTH ONT routers developed by Chinese company FiberHome Networks.
The report describes both the positive and the negative issues with both router models and their firmware.
For example, on the plus side, both devices don't expose the board managementς μέσω κάποιας εξωτερικής διεπαφής IPv4, καθιστώντας αδύνατη την επίθεση εναντίον του πίνακα ιστού μέσω του Διαδικτύου. Επιπλέον, η δυνατότητα διαχείρισης Telnet, η οποία συχνά χρησιμοποιείται για κατάχρηση από τα botnets, είναι απενεργοποιημένη από προchoice.
However, Kim reports that FiberHome engineers apparently failed to enable it, as the device's firewall is only active on the IPv4 interface, not IPv6, allowing direct access to all the router's internal services, as long as one knows the IPv6 address.
Kim described a long list of backdoors and vulnerabilities he discovered in the device, which he claims could be used by intruders to take over ISP infrastructure.
See the list of vulnerabilities