DESCRIPTION LAST UPDATED: 2023-12-08
SEVERITY LEVEL: MEDIUM
This report identifies hosts that have the CPE WAN Management Protocol (CWMP) running and accessible on the Internet. It is unlikely this service needs to be exposed to the wider Internet. Vulnerabilities in CWMP services can be abused by IoT botnets, such as Mirai. Note: this report identifies only accessible services, not necessarily vulnerable ones. Nevertheless please block external access if you receive a report from us to reduce your potential attack surface – why wait for a vulnerability to be discovered?
See https://en.wikipedia.org/wiki/TR-069 for more information.
For more information on our scanning efforts, check out our Internet scanning summary page.
Severity levels are described here.
This report has an IPv4 and IPv6 version.
Filename(s): scan_cwmp, scan6_cwmp