The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Motorola SBG6580 cable modem backdoor can expose clients

2015-04-09 10:12 by
Tags: , ,

 

Independent security researcher Joe Vennix has found several vulnerabilities in Motorola's DOCSIS/EuroDOCSIS 3.0-capable SURFboard SBG 6580 cable broadband modem that, if exploited together, could allow an attacker to perform malicious network reconfigurations.

The vulnerabilities include a false cross-site request (CVE-2015-0965) that lets an arbitrary site log in without the user's knowledge; a hard-coded backdoor (CVE-2015-0966), that could allow hackers to log in with the password yZgO8Bvj; and a cross-site scripting vulnerability in the firewall configuration page (CVE-2015-0964), letting attackers inject Javascript.

All an attacker needs to know is the victim's internal gateway IP address, which is by default 192.168.0.1. By having access to the router's management interface, he can modify router settings and configure the victim's network for further exfiltration and exploitation.

Among the affected firmware versions are: SBG6580–6.5.2.0-GA–06–077-NOSH, and SBG6580-8.6.1.0-GA-04-098-NOSH. Affected users can protect their networks by configuring a custom local firewall that will prevent accidental (or malicious) connectivity.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
comment discuss top
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About