Possible vulnerability found in the internal software of FTTH C data equipment
Possible vulnerability found in the internal software of FTTH C data equipment
The report outlines methods to obtain admin credentials, enabling an attacker to execute root-level commands. Access to the WAN or FTTH LAN interface is required. I have limited networking knowledge and want to know if this attack depends on direct device access or can be traced via the ISP’s network. Summary link: https://www.zdnet.com/google-amp/article...dor-c-data Original GitHub report: https://pierrekim.github.io/blog/2020-07...ities.html
The WAN connection of the device contains the public IP address of the private network(s) it belongs to. If this information is accessible globally, an attacker anywhere could potentially target it. Physical access isn't necessary unless a more direct method like a man-in-the-middle is used.
Unlikely these devices possess public IP addresses. Usually, control over such equipment is handled via DHCP within a private network and TR-069 by the service provider managing them.