Security News > 2020 > July > Backdoors Identified in Tens of C-Data Fiber Broadband Devices

Backdoors Identified in Tens of C-Data Fiber Broadband Devices
2020-07-13 10:00

Security researchers have discovered backdoors impacting a total of 29 Fiber-To-The-Home Optical Line Terminal devices from Chinese vendor C-Data.

Security researchers Pierre Kim and Alexandre Torres discovered that the FD1104B and FD1108SN OLTs are impacted by several vulnerabilities, including a telnet server accessible from both the WAN and the FTTH LAN interfaces.

The backdoor credentials were found to differ between firmware versions and vendors, but they do provide access to the affected devices.

An attacker with backdoor access to the OLT can extract administrator credentials through the command-line interface, the researchers also discovered.

The vulnerabilities were identified in December 2019, and the researchers decided to disclose their findings publicly this week, as they believe some of the backdoors were "Intentionally placed by the vendor."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/2aPgB-PNmho/backdoors-identified-tens-c-data-fiber-broadband-devices