Motorola SBG6580 cable modem backdoor can expose clients2015-04-09 10:12 by Daniela
Tags: Motorola, SBG6580, modem
Independent security researcher Joe Vennix has found several vulnerabilities in Motorola's DOCSIS/EuroDOCSIS 3.0-capable SURFboard SBG 6580 cable broadband modem that, if exploited together, could allow an attacker to perform malicious network reconfigurations.
All an attacker needs to know is the victim's internal gateway IP address, which is by default 192.168.0.1. By having access to the router's management interface, he can modify router settings and configure the victim's network for further exfiltration and exploitation.
Among the affected firmware versions are: SBG6580–220.127.116.11-GA–06–077-NOSH, and SBG6580-18.104.22.168-GA-04-098-NOSH. Affected users can protect their networks by configuring a custom local firewall that will prevent accidental (or malicious) connectivity.
Read more -here-