SingTel Backdoor Detection (ForgotDoor)

High Nessus Plugin ID 110271

Synopsis

The remote SingTel router has a backdoor.

Description

The remote SingTel router may be contain a backdoor. Certain SingTel routers had their administrative web interfaces port-forwarded to public-facing addresses by customer support after users requested customer service. Depending on the configuration, the router may require no credentials, default credentials, or weak credentials to obtain administrative privileges.

A remote attacker can both control these devices and use them as a pivot to widen the attack surface to all connected devices.

Solution

Disable the port forwarding either manually or by contacting the vendor.

See Also

http://www.nessus.org/u?b4b0e72e

Plugin Details

Severity: High

ID: 110271

File Name: singtel_forgotdoor.nasl

Version: 1.2

Type: local

Family: Backdoors

Published: 2018/06/01

Updated: 2018/11/15

Risk Information

Risk Factor: High

Vulnerability Information

CPE: cpe:/a:singtel:routers

Patch Publication Date: 2018/05/28

Vulnerability Publication Date: 2018/05/28