A Look at TR-06FAIL and Other CPE Configuration Disasters

Explore the critical security vulnerabilities in CPE (customer-premises equipment) devices and their widespread impact in this conference talk from Security BSides London. Dive into the TR-064 misconfiguration disclosed in late 2016 that allowed remote device takeovers and led to significant internet outages. Examine how botnets exploited these vulnerabilities and investigate related issues in TR-069 protocol implementations. Learn the technical details of these attacks, including command injection, XML vulnerabilities, and stack overflows. Discover the implications for ISPs and their customers, with specific examples from Deutsche Telekom and Irish networks. Gain insight into the disclosure timeline, the exploitation techniques used, and potential defenses against these threats. Understand the importance of proper CPE configuration, correct SSL/TLS implementation, and XML security in preventing large-scale router takeovers. Analyze the attack surfaces, fuzzing techniques, and payload limitations involved in exploiting these vulnerabilities. Explore ongoing research in this field and learn about potential solutions to mitigate these risks in CPE devices and network management protocols.