Vulnerability on Overtek ONU authorization method

Instead of using cookies for authenticating clients and linking them to their respective sessions, Overtek OT-4020vw detects the client IP address and allow administrative privileges, with the right password, to that IP. That means that if you have an infrastructure like the following, all computers in a subnet would have access to the admin panel once the real admin logged in from the same subnet.

If it’s not possible to buy new equipment, here’s how to avoid security breaches:

  1. Always login from a non-shared local IP address;
  2. Disconnect LAN and Wi-Fi users before logging in. Do the modifications needed and then logout.

I’ll explore ways to get admin permissions, even from another IP address and report back.

Sidebar