An issue that affected a number of low-cost devices was discovered. Attackers had privileged user access, which allowed them to remotely execute commands on the devices, and they were in a position to conduct a man-in-the-middle (MITM) attack.
The responsible binary appeared to be an insecure implementation of an over-the-air (OTA) mechanism for device updates associated with Ragentek Group, a software company in China. Transactions from the binary to the third-party endpoint occurred over an unencrypted channel, which exposed user-specific information during communications and allowed an adversary to issue commands that were supported by the protocol. One of these commands allowed for the execution of system commands.