The Closer Look at the Security of Smart Home Gateways
摘要
With the rapid evolution of fiber optic communication technologies, Optical Network Units (ONUs) have superseded traditional modems as next-generation Smart Home Gateways (SHGs). These de-vices integrate advanced functionalities including routing, Wi-Fi access, and Network-Attached Storage (NAS) [1], significantly expanding their attack surfaces. Through systematic security analysis of China Telecom’s SHGs, this paper identifies four critical vulnerabilities: default credentials, weak password policy, unauthorized Web access, and sensitive information leakage. We demonstrate how these vulnerabilities form an exploit chain that could be weaponized by IoT malware like Mirai for largescale Distributed Denial-of-Service (DDoS) attacks. Our experimental validation confirms the feasibility of integrating this exploit chain into existing botnet frameworks. Furthermore, we propose mitigation strategies including access control reinforcement, password policy hardening, encryption of configuration files, and adoption of secure protocols. This study highlights urgent security challenges in SHGs and provides actionable countermeasures for device manufacturers and Internet Service Providers (ISPs).