jtc-200

28 Oct 2017

[ICS] JanTek JTC-200 RS232-NET Converter Advisory Published

Vendor: JanTek
Equipment: JTC-200
Vulnerabilities: Cross-site Request Forgery, Improper Authentication

ICS-CERT Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-17-283-02

CVE-ID
CVE-2016-5789
CVE-2016-5791

AFFECTED PRODUCTS

The following versions of JTC-200, a TCP/IP converter, are affected:

  • JTC-200 all versions.


IMPACT

Successful exploitation of these vulnerabilities could allow for remote code execution on the device with elevated privileges.

Read on for details.

Read more

05 Jul 2016

[ICS] RS232-NET Converter (model JTC-200) – Multiple vulnerabilities

Found multiple vulnerabilities in RS232-NET Converter (model JTC-200), and have been coordinating with ICS-CERT for quite a while now. IMHO it is time for a public disclosure.

Product details -> http://www.jantek.com.tw/en/product/73

Seen deployed in:
  • CHTD, Chunghwa Telecom Co., Ltd. (Taiwan)
  • HiNet (Taiwan & China)
  • PT Comunicacoes (Portugal)
  • Sony Network Taiwan Limited (Taiwan)
  • Vodafone Portugal (Portugal)

This hardware seems to be in use on several large corporate networks, and has a backdoor shell quietly listening in offering unauthenticated access!

Read on for details and poc.

Read more