Chinese Router Maker Has Backdoors in Their Devices

Fiber-to-the-Home Optical Network Terminals (FTTH ONTs) are devices connected at the user end of an internet fiber cable that convert the optical signals into internet signals. In everyday language they are called routers, and they are widely used by ISPs in South America and Southeast Asia.

ONTs from the Chinese maker FiberHome fall into this category and have been found to have critical problems. Last week, a security researcher named Pierre Kim pointed out several vulnerabilities, including 28 backdoors, in the FiberHome HG6245D and FiberHome RP2602 models. All of these were hardcoded into the devices' firmware, which makes them hard to remove, and the researcher blames the maker for placing some of them intentionally.

To be balanced, the researcher's report also notes that FiberHome has disabled the Telnet management feature by default and closed the management panel on the IPv4 external interface. These are the main paths attackers use to get into such devices and add them to a botnet. At the same time, he said that FiberHome hasn't blocked access to these management panels via the IPv6 interface, which can let attackers reach the web panel just by knowing the IPv6 address of the device.

While some vulnerabilities were seen as bugs, others were said to have been intentionally placed by the maker itself. He reported this to FiberHome in January last year and doesn't know whether the OEM has fixed any of these vulnerabilities, as he hasn't checked the latest versions of these models. He has listed all the discovered vulnerabilities on his blog.
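The gap described above, where the management ports are filtered on IPv4 but not on IPv6, is something a defender can audit by comparing the two rulesets. The following is an added example, not code from the researcher or from FiberHome: it assumes a Linux-based device whose rules can be exported with `iptables-save` and `ip6tables-save`, handles only simple interface/protocol/single-port rules, and uses constructed rules and a hypothetical interface name `wan0`.

```python
# Added example: constructed iptables-save / ip6tables-save dumps, not from a real device.
IPV4_RULES = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i wan0 -p tcp -m tcp --dport 80 -j DROP
-A INPUT -i wan0 -p tcp -m tcp --dport 443 -j DROP
-A INPUT -i wan0 -p tcp -m tcp --dport 23 -j REJECT --reject-with tcp-reset
COMMIT
"""
IPV6_RULES = """\
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i wan0 -p tcp -m tcp --dport 23 -j DROP
COMMIT
"""
KEYS = ("-i", "-p", "--dport", "-j")
BLOCKING = ("DROP", "REJECT")

def parse(ruleset):
    """Return (INPUT policy, ordered list of INPUT rules as option dicts)."""
    policy, rules = "ACCEPT", []
    for line in ruleset.splitlines():
        tok = line.split()
        if line.startswith(":INPUT "):
            policy = tok[1]
        elif tok[:2] == ["-A", "INPUT"]:
            rules.append({tok[i]: tok[i + 1] for i in range(2, len(tok) - 1) if tok[i] in KEYS})
    return policy, rules

def verdict(parsed, iface, port):
    """First-match verdict for a new TCP connection to `port` arriving on `iface`."""
    policy, rules = parsed
    for r in rules:
        matches = (r.get("-i", iface) == iface and r.get("-p", "tcp") == "tcp"
                   and r.get("--dport", port) == port)
        if matches and r.get("-j") in BLOCKING + ("ACCEPT",):
            return r["-j"]
    return policy  # no terminating rule matched: the chain policy applies

def parity_gaps(v4_text, v6_text):
    """Ports blocked on an interface over IPv4 but still accepted over IPv6."""
    v4, v6 = parse(v4_text), parse(v6_text)
    pairs = {(r["-i"], r["--dport"]) for r in v4[1] + v6[1] if "-i" in r and "--dport" in r}
    gaps = [(i, int(p)) for i, p in pairs
            if verdict(v4, i, p) in BLOCKING and verdict(v6, i, p) == "ACCEPT"]
    return sorted(gaps)

if __name__ == "__main__":
    for iface, port in parity_gaps(IPV4_RULES, IPV6_RULES):
        print(f"{iface}: tcp/{port} is filtered on IPv4 but reachable on IPv6")
```

With the constructed rules, the web panel ports are reported as gaps while Telnet is not, because only Telnet has a matching IPv6 rule.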
