Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to gain root access to the gadgets embedded Linux BusyBox operating system. The issue (CVE-2019-13473) exists in an always-on, undocumented Telnet service (Telnetd) that connects to the radio. Telstar said that it is discontinuing the use of Telnet going forward, and has launched manual binary patches for existing deployments. An attacker could also uncover the Wi-Fi password for any network the radio is connected to. Remote attackers can also snoop to see radio streams or listen to messages.
Source: https://threatpost.com/million-iot-radios-hijack-telnet-backdoor/148123/