Vulnerability Lab has found that the devices Telestar-Digital GmbH sells have an opening that can allow for the remote hijacking of the devices. VL found that an undocumented Telnet service on Port 23 was present, and as port forwarding was active, the port could be addressed externally. The password that should protect the telnet service was weak, and the researchers were able to crack it by brute force methods in under ten minutes. On Facebook, one researcher estimated that one million devices may be at risk.”]
Source: https://www.darkreading.com/abtv/iot-can-allow-footholds-where-they-are-least-expected/a/d-id/754054