Home > Cyber News > 1 Million Imperial & Dabman IoT Radio Devices Vulnerable to Attacks
CYBER NEWS

1 Million Imperial & Dabman IoT Radio Devices Vulnerable to Attacks

by   |  Last Update:  |  0 Comments  

Dangerous vulnerabilities were recently discovered in Telestar Digital GmbH IoT radio devices. The flaws could allow remote attackers to hijack vulnerable systems.




The vulnerabilities were discovered by Vulnerability Laboratory. Some of them are already assigned CVE numbers – CVE-2019-13473 and CVE-2019-13474. The vulnerable devices are web radios “Dabman & Imperial” (series i & d) which are distributed in Germany by Telestar Digital GmbH. The devices utilize Bluetooth and Internet connectivity, and are based on BusyBox Linux Debian.

Related: [wplinkpreview url=”https://sensorstechforum.com/smart-coffee-maker-hack-exploit/”] Here’s How Easy It Is to Hack and Exploit a Smart Coffee Maker

How were the vulnerabilities discovered?

Vulnerability Laboratory came across an anomaly on a private server which was stemming from web radio terminals of Telestar devices. As explained by security researcher Benjamin Kunz, during the investigation they noticed an undocumented Telnet service on the standard port 23 on these end devices during a port scan.

Since port forwarding was activated for all ports on this network, it could be addressed from the outside. Telnet services are less used today, because content is transmitted unencrypted and there are better alternatives today. Nevertheless, the protocol on network level and in end devices is still a bigger topic than originally thought, the researcher explained.

The researchers were able to connect and brute-force one of the radios. The attack granted them root access with full privileges. Other attacks that can be performed against the devices include changing device names, forcing a play stream, saving audio files as messages, and transmitting audio as commands locally and remotely.

More than 1 million devices may be at risk of attacks.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. Here’s How Easy It Is to Hack and Exploit a Smart Coffee Maker Avast researchers hacked a smart coffee maker “in all kinds...
  2. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  3. Remove Wzscnet.com Redirect Wzscnet.com is a search engine and the main domain of...
  4. Remove PDF Maker Browser Hijacker The article will aid you to remove PDF Maker completely....
  5. The Best IP and DVR Cameras for Security in 2018 *The data in this table may update every week because...
  6. Best Web Hosting Germany for 2021 (German Hosting Companies) *The data in this table may update every week because...
  7. Aditya Gupta: The Tools Needed to Improve the Security of IoT Devices Aditya Gupta has an impressive security research background on Internet...
  8. Best Germany Web Hosting Service You Can Trust (2018) *The data in this table may update every week because...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree