www.belgium.be Logo of the federal government

Description

This report identifies hosts that have the CPE WAN Management Protocol (CWMP) running and accessible on the Internet.

Assessment

The entries in this report are hosts that have the CWMP service open towards the internet. If this service is poorly implemented, it can be hijacked by an attacker through man-inthe-middle attacks (e.g. DNS redirection). The likelihood is considered medium because most CWMP implementations are not vulnerable. Manual verification is required. The impact is set to high as exploiting this service can result in a Remote Code Execution.

Recommendations

• Block access to ACSs and CPEs from outside of your network.

References

Shadow Server – Open CWMP Report

Shadow Server – CWMP Scanning Project

Wikipedia – TR-069