DBL Technology is a large Chinese manufacturer of telecommunications equipment for enterprises.
2017: Backdoor discovered in the equipment
In March 2017 it became known that VoIP gateways made by DBL Technology were shipped with a backdoor. As the Trustwave company found, a potential attacker can gain root-level access to vulnerable devices because the device firmware contains a hidden administrative account.
The affected devices were GoIP-series VoIP gateways. The hidden administrative account is protected by a proprietary challenge-response authentication scheme in which a technical flaw was found. The problem description on the Trustwave website says the following:
The research showed that this [challenge-response] scheme contains a fundamental flaw: the remote user does not need to know any secret beyond the challenge itself; knowledge of the protocol/computation alone is sufficient.
When a user attempts to access the device over the Telnet protocol with the login dbladm, the device sends several UDP packets to the IP address 192.168.2.1 on port 11000/udp. If the correct response to this request arrives, the login is completed automatically.
Trustwave believes this undocumented scheme is a development artifact: the firmware authors most likely used the procedure for testing.
Trustwave notified the vendor of the problem in mid-October 2016. At the end of December DBL Technology released new firmware. The authentication procedure was made more complicated, but the scheme as a whole remained the same.[1]
Apparently, DBL Technology's developers did not realize that the problem is the existence of the flawed challenge-response mechanism itself, not how easy or hard it is to reverse-engineer, Trustwave noted.
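To make the Trustwave finding and the inadequacy of the vendor's fix concrete, here is an added example that is not Trustwave's or DBL Technology's code and does not reproduce the real dbladm algorithm (which the page does not give). It models a hypothetical challenge-response scheme in which the response is a function of the challenge only, beside a keyed (HMAC) variant that actually requires a secret. The transform, the `b"magic"` constant, the `rounds` parameter (which stands in for the vendor making the procedure "more complicated"), and the `Device` class and function names are all assumptions made for the illustration.

```python
import hashlib
import hmac
import os

# Constructed, hypothetical challenge-response scheme. This is NOT the actual
# dbladm algorithm from the GoIP firmware; the transform, the b"magic" constant
# and the `rounds` parameter are assumptions used only to illustrate the flaw.


def unkeyed_response(challenge: bytes, rounds: int = 1) -> bytes:
    """Response derived from the challenge alone.

    No secret enters the computation, so anyone who knows the transform can
    answer any challenge. `rounds` models the vendor making the procedure
    "more complicated" without ever adding a secret.
    """
    value = challenge
    for _ in range(rounds):
        value = hashlib.md5(value + b"magic").digest()
    return value


def keyed_response(challenge: bytes, secret: bytes) -> bytes:
    """Response that requires a secret shared by the device and the operator."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class Device:
    """Simulated gateway: issues a random challenge, then verifies the reply."""

    def __init__(self, secret: bytes, rounds: int = 1) -> None:
        self.secret = secret
        self.rounds = rounds
        self.challenge = b""

    def issue_challenge(self) -> bytes:
        self.challenge = os.urandom(16)
        return self.challenge

    def verify_unkeyed(self, response: bytes) -> bool:
        expected = unkeyed_response(self.challenge, self.rounds)
        return hmac.compare_digest(expected, response)

    def verify_keyed(self, response: bytes) -> bool:
        expected = keyed_response(self.challenge, self.secret)
        return hmac.compare_digest(expected, response)


def attacker_login_unkeyed(device: Device, rounds: int) -> bool:
    """Attacker who has reverse-engineered the transform but holds no secret."""
    challenge = device.issue_challenge()
    return device.verify_unkeyed(unkeyed_response(challenge, rounds))


def attacker_login_keyed(device: Device) -> bool:
    """Same attacker against the keyed scheme: knows the protocol, guesses the key."""
    challenge = device.issue_challenge()
    return device.verify_keyed(keyed_response(challenge, b"guessed-key"))


def operator_login_keyed(device: Device, secret: bytes) -> bool:
    """Legitimate operator who holds the provisioned secret."""
    challenge = device.issue_challenge()
    return device.verify_keyed(keyed_response(challenge, secret))


if __name__ == "__main__":
    secret = os.urandom(32)
    for rounds in (1, 7):
        dev = Device(secret, rounds)
        print(f"unkeyed, {rounds} round(s): attacker accepted = "
              f"{attacker_login_unkeyed(dev, rounds)}")
    dev = Device(secret)
    print(f"keyed: attacker accepted = {attacker_login_keyed(dev)}")
    print(f"keyed: operator accepted = {operator_login_keyed(dev, secret)}")
```

Running the script shows the attacker accepted for both one round and seven rounds of the unkeyed transform, and rejected only by the keyed variant. Adding rounds, constants or extra packet exchanges to a secret-free transform only raises the reverse-engineering effort; once the transform is known, every challenge can be answered, which is the point Trustwave made about the December firmware.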
This situation once again shows how important it is for developers to have their code audited by a third party, says Dmitry Gvozdev, CEO of the company Security Reference Monitor. When hundreds of thousands of lines of code are written, errors creep in far too easily, and the probability is very high that there will be fragments that were used during testing but should not have made it into the final release.