Researchers recently Telestar Digital GmbH Internet of Things (IoT) found two new vulnerabilities (CVE-2019-13473 and CVE-2019-13474). Hackers could exploit these vulnerabilities remotely control a network device IOT signal, change the device name, steal audio files. The affected products are Telestar the Imperial & Dabman I and D series connected devices, involving more than one million devices.
Researchers have found an exception on a server connected to the Telestar device: its port 23 has an unknown Telnet service. Because the port is active and password security is not strong, the hacker can quickly establish a network connection therewith in just 10 minutes by loose password security and brute force. Once a successful invasion, a hacker can access and edit content on all connected to the device server. Experts said that network security risks should be treated things device seriously.
Currently, Telestar Digital GmbH Internet of Things (IoT) has released a security patch to fix this vulnerability.
Ways: ZDNet