The existence of a backdoor in the network terminal made in China, the possibility of becoming a big problem in the IoT era

It was discovered that there is a backdoor in Chinese VoIP products. IoT where everything connects to the InternetInternet of things) Before the arrival of the era, the risk of this type of backdoor being exploited by malicious people is pointed out.

Dangerous backdoor exploit found on popular IoT devices | TechRadar

Undocumented Backdoor Account in DBLTek GoIP

Security countermeasure companyTrustwaveHowever, China's VoIP product maker DblTekTelnetuseGoIPI found that there is a backdoor in the product. Trustwave warns that this back door was prepared for DblTek to have access to the terminal, but it could be used by a malicious third party.

In the manual of the GoIP terminal, it was clearly stated that logging in with the ID "ctlcmd" and "limitsh" to acquire the information of the terminal was clearly described, but it turned out that the hidden ID "dbladm" exists. With this backdoor, Trustwave notes that there is a possibility of remote access to the root authority shell of the target terminal.

Trustwave says that similar security holes exist in the firmware of almost all GSM-VoIP devices sold by DblTek. In addition, we know that there are third party terminals using DblTek's firmware.

Trustwave pointed out the existence of the backdoor to DblTek in the fall of 2016, and DblTek released the patch-applied firmware in December 2016. However, Trustwave criticizes that DblTek's new firmware is poorly written simply because it makes access more difficult, not just removing defects, Trustwave criticizes that DblTek 's response only listens to security concerns. Trustwave also succeeded in using the backdoor even in the modified firmware.

Voices concerning the security of IoT terminals are getting bigger day by day, but problems caused in the world connected with IoT terminals are not only security holes themselves but also security problems on their terminals and software are pointed out It seems that there is also inappropriate response like DblTek taken whenTechRadarI am ringing a warning bell.

in Software,   Hardware,   Security, Posted by darkhorse_log