
SmartZone-100 product has security vulnerabilities. Hackers can use UDP port 9001 to launch DDoS reflection amplification attacks

li_xiang
New Contributor

I am a security researcher from Baidu. Recently, we have detected a large number of hacking incidents from DDoS attacks initiated on UDP port 9001 on the SmartZone-100 device. Great harm!!!

Refer to my screenshot for details. My phone number is 18903860673.

My email address is 18903860673@163.com. I come from Baidu in China. I hope you guys get back to me as soon as possible.

13 REPLIES

Anonymous
Not applicable

Hello li_xiang,

We use port 9001 for Elastic Search DB updates and also to sync with member nodes in the vSZ/SZ cluster. Please feel free to report a case with us for further investigation. Also, make sure to mention the current firmware running on the SZ.

Regards,

Parikshith

@parikshith_nagaraj_aa0004 Can you tell me the business situation? What is the relationship between SmartZone-100 and ES, and why are ES services deployed on SmartZone-100? At present, these SmartZone-100 devices still have problems. Port 9001 accepts any UDP request and responds with very large data packets, which will be used by hackers.
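
A defender's check for the behaviour described in the post above, as an added example that is not part of the thread and not vendor code: it scans flow records for UDP port 9001 exchanges where a non-cluster address receives far more bytes than it sent. The flow-record layout, the addresses, the thresholds and the assumption that legitimate UDP 9001 traffic is node-to-node only are all constructed for illustration.

```python
from collections import defaultdict

PORT = 9001              # UDP port named in the thread
RATIO_LIMIT = 10.0       # assumed alert threshold; tune per network
MIN_OUT_BYTES = 10_000   # assumed floor so tiny exchanges are ignored

# Constructed flow records: (proto, src_ip, src_port, dst_ip, dst_port, bytes)
SAMPLE_FLOWS = [
    ("udp", "198.51.100.7", 40000, "192.0.2.10", 9001, 60),
    ("udp", "192.0.2.10", 9001, "198.51.100.7", 40000, 48_000),
    ("udp", "192.0.2.11", 9001, "192.0.2.10", 9001, 20_000),  # node-to-node
    ("udp", "192.0.2.10", 9001, "192.0.2.11", 9001, 22_000),  # node-to-node
    ("tcp", "203.0.113.5", 51000, "192.0.2.10", 9001, 500),   # not UDP
]
CLUSTER_NODES = {"192.0.2.10", "192.0.2.11"}  # constructed allow-list


def find_amplification(flows, cluster_nodes, port=PORT,
                       ratio_limit=RATIO_LIMIT, min_out=MIN_OUT_BYTES):
    """Return sorted (device, remote, bytes_in, bytes_out, ratio) tuples for
    non-cluster remotes that receive far more from UDP/port than they sent."""
    totals = defaultdict(lambda: [0, 0])  # (device, remote) -> [in, out]
    for proto, src, sport, dst, dport, nbytes in flows:
        if proto != "udp":
            continue
        if dport == port and dst in cluster_nodes and src not in cluster_nodes:
            totals[(dst, src)][0] += nbytes      # request towards the device
        elif sport == port and src in cluster_nodes and dst not in cluster_nodes:
            totals[(src, dst)][1] += nbytes      # response leaving the device
    hits = []
    for (device, remote), (b_in, b_out) in totals.items():
        # Requests may be absent from the capture, so avoid dividing by zero.
        ratio = b_out / max(b_in, 1)
        if b_out >= min_out and ratio >= ratio_limit:
            hits.append((device, remote, b_in, b_out, ratio))
    return sorted(hits)


if __name__ == "__main__":
    for device, remote, b_in, b_out, ratio in find_amplification(
            SAMPLE_FLOWS, CLUSTER_NODES):
        print(f"{device} udp/{PORT} -> {remote}: "
              f"in={b_in}B out={b_out}B x{ratio:.0f}")
```

Any hit is also a sign that UDP 9001 is reachable from outside the cluster, which is the exposure to close at the perimeter.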

Anonymous
Not applicable

Hi @li_xiang,

As per the design, ES helps fetch data from the Cassandra DB and present it to the Web GUI. It also maintains the DB between different SZ nodes in the cluster.

As suggested, please feel free to report a case for further investigation.

Regards,

Parikshith 

@parikshith_nagaraj_aa0004 Is the ES deployed on SZ an ES service or a plug-in?