Arris Cable Modems Weak

Posted on by

Bernardo Rodrigues has found a "double security threat" in Arris cable modems. The vulnerability was published on Oct 2013 and it still works (archived). This threat affects at least 600`000 modems and has been likely exploited. Compromised models include the TG862A, TG860A and DG860A.

This security orifice allows an attacker to control and rewrite the modems firmware by using a password derived from the HFC MAC address, a problem commonly sold as a feature allowing easy wireless network set up. In a blog post, Rodrigues explains with details and a  video how he made the discovery (archived).

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>