At least 28 backdoor cuts and many other vulnerabilities were discovered in the firmware of the popular FTTH ONT router, which is widely developed throughout South America and Southeast Asia.
FTTH ONT stands for Fiber-to-the-Home (Fiber-to-the-Home Optical Network Terminal). These are special devices placed at the end of the fiber optic cables. Their role is to convert the optical signals sent through the optical fibers to standard Ethernet or WiFi connections.
FTTH ONTs are usually installed in apartment buildings or inside homea or businesses that choose gigabit-type subscriptions.
In a report published last week, security researcher Pierre Kim said he had identified a number of security vulnerabilities with the FiberHome HG6245D and FiberHome RP2602, two models of FTTH ONT routers developed by Chinese company FiberHome Networks.
The report describes both the positive and the negative issues with both router models and their firmware.
For example, on the plus side, both devices don't expose the dashboard via some external one interfaces IPv4, making it impossible to attack the web panel over the Internet. Additionally, the Telnet management feature, which is often exploited by botnets, is disabled by default.
However, Kim reports that FiberHome engineers apparently failed to activate the wall protectiondevice is only active on the IPv4 interface and not IPv6, allowing direct access to all internal services of the router as long as one knows the IPv6 address.
Kim described a long list of backdoors and vulnerabilities he discovered in the device, which he claims could be used by intruders to take over ISP infrastructure.
See the list of vulnerabilities