The company's OLTs are available for purchase under various brands, including BLIY, OptiLink, V-SOL CN, and C-Data, providing access to numerous clients (in some cases up to 1024), with some of the affected devices also supporting multiple 10-gigabit uplinks. Security researchers Pierre Kim and Alexandre Torres discovered that many vulnerabilities affect the FD1104B and FD1108SN OLTs, including a telnet server that can be accessed from both the WAN and FTTH LAN ports. Backdoor credentials have been found to vary between firmware versions (identified pairs include suma123/panger123, guest/[empty], root/root126, debug/debug124) and vendors, but do allow access to the affected devices.

The researchers also found that an intruder with backdoor access to the OLT can steal administrator credentials through the command-line interface (CLI). With that CLI access, the attacker can then use the embedded web server to execute commands as root and exfiltrate information. During their investigation, the researchers discovered that a telnet server running on the device and accessible from the WAN interface can be abused to restart the system remotely, without authentication. In addition, they found that web and telnet credentials and SNMP communities could be extracted without authentication, and that credentials are stored in clear text. The encryption algorithm used to store passwords uses XOR with a hardcoded value, and remote management over SSL/TLS connections is not supported.

Through static analysis, the researchers identified additional affected models, namely 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104S, FD1104SN, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD161616SN, and FD8000.

The vulnerabilities were discovered in December 2019, and this week the researchers decided to publicly disclose their findings, claiming some of the backdoors were "intentionally placed by the vendor".
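Why XOR with a hardcoded value does not protect stored passwords, shown beside a salted one-way alternative. This is an added example, not code from the researchers or the vendor: the key, the sample password and all function names are constructed for illustration, and scrypt is a hardening choice made here, not something the article prescribes.

```python
import hashlib
import hmac
import os
from itertools import cycle
from typing import Optional, Tuple

# Constructed stand-in for a value baked into firmware; not the vendor's key.
HARDCODED_KEY = b"example-firmware-key"


def xor_obfuscate(data: bytes, key: bytes = HARDCODED_KEY) -> bytes:
    """Weak form: XOR with a repeating fixed key. Applying it twice undoes it,
    so anyone holding the firmware image can read every stored password."""
    return bytes(b ^ k for b, k in zip(data, cycle(key)))


def hash_password(password: bytes, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Hardened form: random per-user salt and a memory-hard one-way KDF."""
    salt = salt or os.urandom(16)
    digest = hashlib.scrypt(password, salt=salt, n=2**14, r=8, p=1, dklen=32)
    return salt, digest


def verify_password(password: bytes, salt: bytes, digest: bytes) -> bool:
    """Recompute the digest and compare in constant time."""
    candidate = hashlib.scrypt(password, salt=salt, n=2**14, r=8, p=1, dklen=32)
    return hmac.compare_digest(candidate, digest)


def compare_storage(password: bytes) -> dict:
    """Summarise what each scheme exposes for one constructed password."""
    stored_xor = xor_obfuscate(password)
    salt_a, digest_a = hash_password(password)
    salt_b, digest_b = hash_password(password)
    return {
        # XOR: the stored value converts straight back to the password.
        "xor_reversible": xor_obfuscate(stored_xor) == password,
        # XOR: two accounts with the same password store identical bytes.
        "xor_repeats": xor_obfuscate(password) == stored_xor,
        # scrypt: same password, different salts, different stored digests.
        "kdf_repeats": digest_a == digest_b,
        "kdf_verifies": verify_password(password, salt_a, digest_a),
    }


if __name__ == "__main__":
    print(compare_storage(b"constructed-pass"))
```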
Researchers Found Backdoors In Some C Data Fiber Broadband Devices Cybers Guards