Researchers detected vulnerabilities and suspected intentional backdoors in 29 Fiber-to-the-Home Optical Line devices distributed by C-Data. The popular Chinese vendor’s devices are widely used across the world and are present in most ISP’s network.
Pierre Kim and Alexander Torres, researchers detected 7 liabilities in two devices and suspect 27 other devices to have the same vulnerabilities as they implement similar firmware. Torres and Kim say that the biggest issue identified yet are the Telnet backdoor accounts uncovered in the firmware. This provides hackers with admin CLI control.