Re: Please explain root access via telnet in year 2020
Root access via Telnet is quite common on out-of-the-box networking kit, the vendor assumes the user is sufficiently competent to either disable or secure this access path as part of their configuration and deployment.
>root access via telnet (CVE-2020-24218)
It seems the real issue here is that the Telnet daemon cannot be disabled and neither can remote (ie. WAN) access.
[source: https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/#root-access-via-telnet-cve-2020-24218 ]
Interesting point here is that I've often explicitly disabled both remote access and the Telnet service in the admin web interface of network equipment, but I've not checked that this actually disables (ie. kills) the Telnet daemon...
>What about unauthenticated file upload (CVE-2020-24217)? What are we uploading here?
A .rar file which can contain a simple shell script, which will gets executed immediately. Ie. you don't need a binary file.
[Source: https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/#unauthenticated-file-upload-cve-2020-24217 ]
Biting the hand that feeds IT
