H3-2022-0007

Telnet Port Exposed to the Internet

Description

An application on your network has Telnet, a non-encrypted, legacy protocol for remote management, exposed to the internet. Attackers can exploit this by scanning the internet for exposed Telnet ports and then using easily guessable passwords or factory-set default passwords to gain unauthorized access.

Impact

By exploiting this misconfiguration, an attacker can potentially gain remote control over the affected device, potentially infiltrating other devices on the network, installing malware, or extracting sensitive data.

References

• Hacker leaks passwords for more than 500,000 servers, routers, and IoT devices
• Wikipedia: Telnet
• MITRE ATT&CK Technique: T1133: External Remote Services