Approximately 20,000 Orange Modems have been found to be vulnerable to a new vulnerability (CVE-2018-20377). This vulnerability was found by honeypots that researchers had deployed in the wild. The honeypots found a plethora of scans that were targeting Orange Modems, primarily in Spain and France. A flaw in the Orange Livebox ADSL modems allows a remote unauthenticated user access to the SSID and Wi-Fi password for that device. Many of the devices that were found to be leaking the Wi-Fi password were also using the same password to administer the device, or did not set up their own custom password when they set up their Wi-Fi and are still using the default password. This allows an attacker to gain entry into the box and make malicious changes to the settings or firmware of the device. The initial scan that was found was from an IP address that was associated with a Spanish internet company. Typically, it is not seen that the attacker is physically this close to their targeted devices, and if the attacker was close enough to a vulnerable box, they could connect to the Wi-Fi network SSID.
When evaluating a Managed Detection & Response (MDR) service there are 5 critical components that