Adtran 411 ONT Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in the Adtran 411 ONT, specifically in firmware version L80.00.0011.M2. This vulnerability allows attackers to gain elevated privileges through unspecified vectors. The issue was discovered during a security audit, which noted several vulnerabilities, including weak user passwords, command injection opportunities via Telnet and the web interface, and the ability for unprivileged users to access configuration files containing admin passwords.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing attackers to gain elevated rights and access sensitive functions or data.

Reproduction

The vulnerability can be reproduced by accessing the device's serial console through a 4-port header on the mainboard. This header can be accessed from outside the unit by connecting to the internal pins through the device's casing. Once connected, the console outputs boot logs and presents a login prompt, where a root shell can be obtained.

Remediation

Users are advised to update to version 24.3, where this vulnerability has been addressed.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 4.6
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.