GPON Full-Fiber Home Routers Vulnerable to Hackers

Some vendors' GPON ISP routers are vulnerable to two new exploits that could allow hackers to exploit the devices, according to security researchers working for VPN Mentor.

The routers are deployed for full-fiber gigabit broadband (FTTH/P) providers around the world, VPN Mentor reported today. When combined, the vulnerabilities -- CVE-2018-10561 and CVE-2018-10562 -- give unauthorized users complete control of the router and, therefore, the network, the security researchers found.

"The first vulnerability exploits the authentication mechanism of the device that has a flaw. This flaw allows any attacker to bypass all authentication," they wrote. "The flaw can be found with the HTTP servers which check for specific paths when authenticating. This allows the attacker to bypass authentication on any endpoint using a simple trick."

Currently, the two vulnerabilities have not been published so security analysts have not identified affected router vendors. Researchers used Shodan, the infamous search engine used to find connected Internet of Things (IoT) devices around the globe to locate infected routers, estimating at least 1 million high-speed GPON routers are impacted.

They are primarily found in Mexico, Kazakhstan and Vietnam. But any relief residents in other countries feel could be short-lived.

"We tested this vulnerability on many random GPON routers, and the vulnerability was found on all of them," wrote VPN Mentor testers. "Because so many people use these types of routers, this vulnerability can result in an entire network compromise."

Related posts:

• BBWN Radio: DT Exec Opens Up About Smart Homes
• Cybersecurity Opportunities & Pressure Heat Up
• Service Providers Are Spending Big on Network Automation. Here's Why...

— Alison Diana, Editor, Broadband World News. Follow us on Twitter or @alisoncdiana.