The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Backdoor in a backdoor identified in 600000 Arris modems

2015-11-25 01:59 by
Tags: ,

 

A Brazilian researcher has recently found what he called a "backdoor-within-a-backdoor" vulnerability which affects around 600,000 cable modems manufactured by Arris. According to him, the modems contain an undocumented library that acts as a backdoor, in turn allowing privileged logins using a custom password.

"While researching on the subject, I found a previously undisclosed backdoor on Arris cable modems, affecting many of their devices including TG862A, TG862G, DG860A," said Bernardo Rodriques on his personal blog. "As of this writing, Shodan [search engine] searches indicate that the backdoor affects over 600,000 externally accessible hosts and the vendor did not state whether it's going to fix it yet."

In its response to the issue, Arris explained that the company had implemented this access method on certain cable modem products to provide access to technicians, but has since disabled that access in order to minimize any risks to subscribers.

"Security is a top priority at ARRIS," the company said, in a statement. "When it comes to our network and customer premises equipment products, we work actively with security organizations and our Service Provider customers to identify and quickly resolve any potential vulnerabilities to protect the consumers who use our devices. We are aware of the recently reported password vulnerability. The risk related to this vulnerability is low, and we are unaware of any exploit related to it. However, we take these issues very seriously and review them with the highest priority. Our team has been working around the clock on modem updates that address this reported vulnerability."

Read more -here-

 

  User Reviews/Comments:
    rate:
   avg:
by Snipermx - 2015-11-26 10:41
The ARRIS cable módems in Monterrey, Mexico (CABLEVISION ISP) changes their DNS servers "manually" from exterior, the link to russian DNS that adding pop-ups banners and adware
comment discuss top
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About