ELNet Energy meter & Electrical Powermeter vulnerabilities - another case of poor software security practices.!
A while back in April - May 2015, on a pentest in Sydney, I was testing a LG-Nortel ADSL modem for a customer. This device model is heavily deployed by Optus in Australia (Sydney) for its SOHO broadband customers. I found several security flaws on the device which I then reported to appropriate teams.
(Potential) Estimated deployment size is 20-30% of customer base. Optus, CERT-US, CERT-AU, are aware of these issues.
Ownership of this model by LG Nortel could not be identified. <--- The issues are not fixed.
This device may very well be used by other Service Providers and / or in other locations. I am not sure if & how this device might connect back to Optus network. If it does connect / talk back, it'd be interesting what impact it can create.
Read on for details & poc.