Arris cable modems contain an undocumented backdoor vulnerability and XSS and CSRF

Discussion in 'other security issues & news' started by ronjor, Nov 20, 2015.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    164,083
    Location:
    Texas
    http://www.kb.cert.org/vuls/id/419568
     
    ronjor, Nov 20, 2015
    #1
  2. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,466
    Groovy... I have one of those. And it doesn't look like coax cable modems are available in PCI card form. Sigh.
     
    Gullible Jones, Nov 20, 2015
    #2
  3. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,248
    Location:
    USA
    Aren't all of those Arris models cable modem/routers (wireless gateways)? Further, aren't they all eMTAs?
     
    prius04, Nov 20, 2015
    #3
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,402
    Wouldn't a solid linux router behind this "mess" mitigate much of the risk? Just wondering what the harm would be for an average home network with the assumption of a solid router being in place behind these bad modems?
     
    Palancar, Nov 23, 2015
    #4
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    14,883
    Location:
    Slovenia, EU
    Minimalist, Apr 7, 2016
    #5
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...