TR-069: IoT before it was cool! Analysis of TR-069 (TCP 7547) exposure and attacks over time

In Summary :

TR-069, the CPE WAN Management Protocol (CWMP), is the most widespread IoT management protocol. It was first published in 2004 by the Broadband Forum. Most likely, you have a few devices in your home that use it on a daily basis. In case you’ve never heard of it before, here is the short version: ISPs use TR-069 to manage their Customer Premises Equipment (CPE). The most common CPE devices are broadband gateways (e.g. a Wi-Fi router that provides internet access via DSL, Cable, LTE or WiMAX), set-top boxes and SIP phones. The counterpart on the ISP side is the Auto Configuration Server (ACS, no more telco-lingo from this point on, promise!). The ACS can set and query parameters on the CPE. In the TR-069 world a parameter is a setting on the device e.g. the password for the SIP server or a diagnostic value e.g. the signal-to-noise ratio [...]

kindly refer the following link as follow up :
https://ift.tt/2sbTWIZ