Dataphone A920 Incorrect Access Control Vulnerability Allowing Unauthenticated Service Exposure on Port 8888

Vulnerability

A vulnerability in the Dataphone A920 device, specifically in version 2025.07.161103, consists of incorrect access control that leaves a service exposed on port 8888 by default. The service is reachable over the local network without authentication, so anyone on that network can interact with the device through a plain TCP socket. Furthermore, sending an HTTP request to this service triggers an error response that reveals functional details, headers identifying Paytef dataphone packets, and the device's build version.

Impact

Exploitation of this vulnerability allows unauthorized interaction with the device's exposed service, potentially leading to manipulation of the service interface or unintended activation of service functions. Because no authentication is required, the information disclosed in the error response (packet identifiers and build version) could also be used to prepare targeted attacks against the device.

Reproduction

The vulnerability can be reproduced by establishing an unauthenticated TCP connection to the device's service on port 8888. Once connected, simple requests provoke error responses that contain identifiers related to the device's protocol implementation and its build version, demonstrating the vulnerability's impact.

Added: Oct 29, 2025, 5:24 PM
Updated: Oct 29, 2025, 5:24 PM

Vulnerability Rating

Custom Algorithm

spread: 5.4
impact: 3.1
exploitability: 6.0
remediation: 0.0
relevance: 0.8
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.