I reverse engineer ccom_linkkit.
It is basically built on top of AliOS Things, which can be found here:
https://github.com/alibaba/AliOS-Things

The vulnerabilities seems to be many of the components are old and never updated.
After looking at some of the CVE, potentially exploitable in the real world are:
CVE-2024-2466
CVE-2024-23775
CVE-2024-6197

I am limiting my CVE search to within these 2 years based on the state of AliOS Things repo.
No doubt there are other known CVE but I feel they are a bit "hard" to exploit.
If I am the attacker I would just focus on the above CVEs.

I only check for curl, cjson and mbedtls. I did not go look at the other long list of components.
This is really some intense time consuming work.

As for boa, I let this article do the talking:
https://www.theregister.com/2022/11/23/micr...boa_web_server/

This post has been edited by kwss: Jul 27 2024, 07:38 AM

Your finding is same CVE as other guy found, but he found more apparently.
he said firmware is easily override with infected firmware and can prevent bridging,

so, forcing user to use as router so the device can become zombie/botnet
⬆️ it is possible some user reportingg can't bridge and slow speed? might device already infected

OMG that is scary and diabolical man!

Both my dlinks at different sites have this problem, suddenly speed with throttle down to 300/100. white and black also like that. There seems to be no set schedule when it happens, sometimes, day time, night time/ twice a day, 3 days once......

Black one will replace once i get my media converter, will use with the ODI stick.

This whole speed drop thing is still a mystery.
It might be malware, might be something else, might be a lot of things.

I don't think I will spend that kind of time to finally prove what caused it. Or maybe I get lucky.

I don't even know where to look right now.

Well, not worth of time to clean-up the D-Link or even de-compile ARM64 driver for OpenWRT on D-Link ONR

unlike PON Stick use very specific modified MIPS R3000 SoC, so far no one can compile simple hello beside obtain official Realtek Luna SDK

ARM64? Quite easy to make own binary

I having this same exact issue! It's driving me nuts why suddenly my internet will DC and later internet speed dropped to exactly the speed range you mentioned. (Free upgraded 1Gbps plan, and TM said have to change ONU/router to this). It's running in bridge mode currently.

Not sure if complaining to TM will help.. or if there's any way to resolve the issue/root cause.. reboot seems to fix but it's just the temporary for a few days.

I tried changing all sorts of setting, no point mentioning coz nothing worked.

Since it's a 1 gbps package, I have reverted to to the old huawei onu, it's been two days, speed hasnt' dropped yet. Will wait 1 week and update here (Coz sometimes the speed can tahan 4, 5 days, then suddenly drop again).

My other site is using a 2 gbps package, so using the old onu is not an option. For this site, I'm using an SFP xpon flashed by Anime4000.

Basically, stopped using the dlink ONU's both white and black.

I'm trying to revert to the old Huawei ONU, but for now seems like the PPPoE cannot dial, not sure if the old modem already blacklist or what.. will keep trying.

All the setting still intact, installer didn't reset it so not sure why it's not working.

This post has been edited by MelancholicAnubis: Jul 30 2024, 10:36 PM

You should make a fuss out of it to MCMC. I hope the pressure will stop TM from giving ONR to people.

Same issue I facing before when change DP Fiberhome to DP Nokia.
Their system has bind your ONU/PLOAM Password with S/N (Reason: prevent stolen PLOAM Password)

I believe Huawei HG8240H (and H5 variant) can change S/N in Full Hex,
So, Try this example:


Then, backup your Huawei SN then replace like this 444C4B4934101F1F



It said can put "DLKI34101F1F", try that too

With recent my IPv6 case has been closed, I think TM still giving AIO / ONR for make internet cheaper...

at least TM didn't prevent use of PON Stick,

This post has been edited by Anime4000: Jul 31 2024, 01:03 PM

Joining the DPN-FX3060V Black club. Still in box though.

Welcome, we advice not to use this D-Link because have unpatched CVE

It's has been 1 week, speeds are stable on both sides, one using old ONU, other using the Xpon stick.

This pretty much confirms that the speed throttling issue is only with the black or white D-Link ONR, using bridge mode

I read this thread. Now scared to even look at the DLink.

Later PM you for GPON stick.

feel free to whatsapp me

Also joined the black ONR club.

Is it possible to change the default DNS to Google or Cloudflare on the router?

It isn't as straightforward as the DIR-X3060Z.

can, but Plain DNS, ISP can hijack the query

Understood. Got any pointers on where to change it? Thanks!

via DHCP Server?

Tried changing it. Either I did it wrong or the router is ignoring the settings.