GPON routers – new elements of your botnet attacks?
Laszlo Takacs

GPON routers – new elements of your botnet attacks?


People can never rest. We thought that after the last serious Drupal vulnerablity finally we can rest, but a new threat came up which is including GPON routers made by Dasan. GPON is a type of Passive Optical Network (PON) used to provide fiber connections. It is being used to provide short haul fiber connections for cellulas base stations, home access points, DAS. Primary regions with GPON devices include Vietnam, Mexico, Kazakhstan.


Top countries
Number of Devices
Mexico
492,080
Kazakhstan
374,473
Vietnam
146,115

               

There are two flaws at the moment


The first one (CVE-2018-10561) allows anyone ( possibly attackers ) to remotely bypass the router’s authentication by simply adding a string „?images/” to the end of the URL.

The second one is (CVE-2018-10562) allows the attacker the ability to execute code remotely on the compromised device.

Cybercriminals have already started expliting these vulnerablities, in this case BitNinja is a must to have on your server in order to protect yourself.
Unfortunately the patch from Dasan is not even in development, as they have not shared any information. Almost a million vulnerable GPON routers are still exposed ont he Internet.

Share your ideas with us about this article

Previous posts

3rd Drupalgeddon alert! How to be protected with BitNinja?
Third critical Drupal vulnerability discovered!!! Those who are running a Drupal website couldn’t have a rest over the past few weeks. This is the third time when Drupal recommends to update these sites. During exploring the previous remote code execution (RCE) vulnerability, the CVE-2018-7600, the team discovered a new RCE vulnerability (CVE-2018-7602). If  you or your customers have Drupal websites and would like to avoid  backdoors, cryptocurrency miners and other malwares, BitNinja is here to  help you! Just make sure your WAF rule #402003 is enabl...
Security by design
Our team has attended the CloudFest back in March where during the security panel we have attended a presentation about the importance of security by design an important thing in terms of responsibility and suggested OWASP as a standard to start with. In this blog post we would like to show, why it is important for developers too, not just for security providers. The best way to define it is an approach to software and hardware development where the main goal is to make a system as free of vulnerabilities and imprevious to attack as possible. To achieve this there is a need for a huge amoun...