DEF CON 22 I Hunt TR 069 Admins Pwning ISPs Like a Boss

Dan Morphis dan at milkcarton.com
Fri Jan 16 16:53:49 EST 2015


As we prepare to deploy Genie, I want to verify that the only ports that
need to be accessible by the CPE are 7547 (cwmp) and 7567 (file server). Is
that accurate?

-dan

On Fri, Jan 16, 2015 at 12:08 PM, Zaid Abdulla <zaid at genieacs.com> wrote:

> Hello,
>
> I thought you guys might be interested in this TR-069 related talk:
> https://www.youtube.com/watch?v=DlID0CH3j4M
>
> In this talk Shahar and his team from Checkpoint Technologies researched
> a few ACS systems looking for security vulnerabilities. GenieACS was one
> of the systems they looked into and found a vulnerability. They were
> kind to inform me before publishing their findings. This is the fix of
> said vulnerability if anyone is curious:
>
> https://github.com/zaidka/genieacs/commit/03f9a9e6289c18f3a9742d9737552d150294605d
>
> Zaid