Well here are a couple hundred:
https://www.shodan.io/search?query=Command+Line+Interface+for+EPON+System
-Keith
Mel Beckman wrote on 7/10/2020 1:07 PM:
Perhaps you’re confusing OLT with ONT? An OLT is a “curbside”
distribution node, the ONT is the CPE. The vulnerability is in the
distribution node, not the CPE. No provider with any sense exposes
their distribution node admin interface to the Internet.
-mel via cell
On Jul 10, 2020, at 1:01 PM, m...@beckman.org wrote:
The “WAN” port of an OLT _is_ it’s management port. Data, IPTV, and
VoIP traffic pass on VLANs, typically encrypted. These are passive
optical network (PON) devices, where all CPE in a group of, say, 32
premises receive the same light via an optical splitter. Thus network
partitioning is a requirement of the architecture. There is no
concept of a traditional “WAN” port facing the Internet.
-mel via cell
On Jul 10, 2020, at 12:21 PM, Owen DeLong <o...@delong.com> wrote:
Um, from the article it appears that this isn’t on the Management
interface, but the WAN port of the OLT.
Owen
On Jul 10, 2020, at 11:01 , Mel Beckman <m...@beckman.org
<mailto:m...@beckman.org>> wrote:
But who, who I ask, opens their management interface to the public
Internet?!?!
Maybe this is vulnerability if you have a compromised management
network, but anybody who opens CPE up to the Internet is just
barking mad :-)
-mel via cell
On Jul 10, 2020, at 10:00 AM, Owen DeLong <o...@delong.com
<mailto:o...@delong.com>> wrote:
https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/?ftag=TRE-03-10aaa6b&bhid=29077120342825113007211255328545&mid=12920625&cid=2211510872
Wow… Just wow.
Owen
