On Fri, Jul 10, 2020 at 9:22 PM Owen DeLong <owen@delong.com> wrote:
Um, from the article it appears that this isn’t on the Management interface, but the WAN port of the OLT.


From the original at https://pierrekim.github.io/blog/2020-07-07-cdata-olt-0day-vulnerabilities.html it is very clear that we are talking about the OLT.

However any sane deployment would not be exposing the management to the internet. You would have that stuff on a vlan separate from customer traffic. I realise there are plenty of not so sane deployments out there.

Regards,

Baldur