Thanks a lot for your inputs. But doesn’t BSNL do MAC address binding of the customers actual ONU/ONT and cross verify it upon PPPoE authentication? And if BSNL is aware of this vulnerability they should be encouraging the users to change the default PPPoE password as soon as it’s installed on their premises! They don’t even have a bug free interface that lets the user change their own PPPoE password. And it’s only possible from the native IP pool. These needs to change. And is there any other means that BSNL would be able to do on their part to patch this vulnerability?