Our personal information on the internet wouldn‘t be so personal without the help of ethical hackers and security researches, who are constantly working to find as many security flaws as possible. And, thanks to vpnMentor researchers, one more was found in most of already-sold gigabit-capable passive optical network (GPON) home routers.
GPON system is being used by more than 1 million people from all around the world today. In order to make sure that all of these users are safe, the researchers remotely “attacked” and tested many home routers from different places and found out that pretty easily, all of them can be accessed by anyone – all types of authentication can be bypassed even without any special software. That is the vulnerability number one (CVE-2018-10561).
To have a clearer view of this problem – vpnMentor said that with a very little effort they even were able to execute commands on affected devices.
So, there were two different vulnerabilities in this GPON firmware, but the main problem was caused by the combination of these flaws. It granted a full control of affected devices and networks.
The first vulnerability had a full access to the authentication of the device. So, as you already guessed, it just revealed all authentication for all of those who wanted.
To be more precise, this bug lets bots remotely access gateways. And in that case, these gateways can join to botnet-vulnerable devices, which are not able to predict even the highest risk of DDoS attacks.
Moreover, hacked GPON systems are extremely dangerous because of its high-speed broadband connections. Control of affected devices can be taken over by a bot master, which forms a huge botnet. And it is easily powerful enough to generate massive denial-of-service (DDoS) attacks against internet users from all around the globe.