Status update – Multiple Vulnerabilities in Some ZTE CPE Terminal Products 19th Nov 2018

Preface: GPON stands for Gigabit Passive Optical Networks. GPON is defined by ITU-T recommendation series G.984.1 through G.984.6.

ZTE model F670 is a GPON Optical Network Terminal designed for Fiber to the home (FTTH) scenario. Therefore, it is very popular in today’s Internet home use.

Vulnerability findings:
Some ZTE CPE terminal products encountered below vulnerability. For more detail please refer to official announcement.
1. Heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code.
2. May allow an unauthenticated attacker to get the GPON SN information via appviahttp service.
3. May allows an attacker to cause a denial of service via appviahttp service.
4. May allows an unauthorized user to perform unauthorized operations on the router.
5. An attacker can be allowed to brute force account credentials.

Vulnerabilities and remedy details:
http://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1009383

Comments: We aware that there are plenty of IoT devices expose their vulnerabilities on internet. It such a way to let the cyber criminals form their cyber attack army (Botnet). So staying alert and following the vendor recommendation to execute the remedy.