Arris cable modems contain an undocumented backdoor vulnerability and XSS and CSRF

Discussion in 'other security issues & news' started by ronjor, Nov 20, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    http://www.kb.cert.org/vuls/id/419568
     
  2. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    Groovy... I have one of those. And it doesn't look like coax cable modems are available in PCI card form. Sigh.
     
  3. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,238
    Location:
    USA
    Aren't all of those Arris models cable modem/routers (wireless gateways)? Further, aren't they all eMTAs?
     
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,591
    Wouldn't a solid linux router behind this "mess" mitigate much of the risk? Just wondering what the harm would be for an average home network with the assumption of a solid router being in place behind these bad modems?
     
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,055
Loading...