More than 25 backdoors have detected in FTTH ONT (Fiber-to-the-Home Optical Network Terminal) Routers.

Continue reading
FTTH ONT are the special devices in the router which are placed at the end of the optical cable, its role is to convert the optical signals received through the optical cable into Ethernet or wireless signals. More than 25 backdoor accounts and multiple vulnerabilities have been found in FTTH ONT routers developed by the Chinese manufacture FiberHome Networks.
In a report, security researcher Pierre Kim said he found multiple security threats in two router models FiberHome HG6245D and FiberHome RP2602 by FiberHome networks.
Firstly, the researcher stated that both the devices are not vulnerable to IPv4 external interface, making its management panel non-accessible and also Telnet management feature is disabled. However, the case is not the same with IPv6 external interface the device's firewall is only active on IPv4 and not on IPv6 which allows access to all the internal service and management panel of the device if one only knows the IPv6 address of a device. Pierre Kim discovered multiple security issues like:

Pierre Kim also stated "that some backdoors have been intentionally placed by the vendor." further he said he had reported these security issues to the FiberHome Networks. Adding to this, The U.S department in May 2020 has blacklisted the FiberHome Networks along with eight other Chinese companies restricting their access to the U.S.

Splunk disclosed CVE-2026-20253, a critical pre-auth RCE flaw in Splunk Enterprise (CVSS 9.8) from insecure MongoDB defaults. Patches released; upgrade to 9.1.8, 9.2.5, or 9.3.2.