antdudeMatrix Ant Premium Member join:2001-03-25 US 1 edit
1 recommendation |
antdude
Premium Member
2014-Jun-24 11:41 pm
Arris Cable modems sharing TMI online.» [Internet] How did this happen?That's scary. :/ I wonder if other modem brands do this too. |
|
2 recommendations |
Culet
Anon
2014-Jun-25 12:31 am
What is the risk to an Arris user without a router or WiFi? Wondering should I go back to the old Surfboard... |
|
|
nony Premium Member join:2012-11-17 New York, NY
2 recommendations |
to antdude
|
|
Cthen Premium Member join:2004-08-01 Detroit, MI
1 recommendation |
to antdude
It's not all that scary. What is the worse to happen? Some one can read the info but can't do anything with it? You still need the password to access the advanced section to be able to do anything besides read the info. Even if some one had the password all they can do is reconfigure the modem. It's not like they can gain access to some one's life this way.
Still shouldn't be happening but not as scary as everyone is making out to be. |
|
nony Premium Member join:2012-11-17 New York, NY 2 edits
2 recommendations |
nony
Premium Member
2014-Jul-2 8:41 pm
One PoC Scenario-
war drive find Arris unit join prv net do crime - (threaten a judge for best results) watch front door of mark disappear
Many more scenarios.
It gets better!
-nony |
|
Cthen Premium Member join:2004-08-01 Detroit, MI
1 recommendation |
Cthen
Premium Member
2014-Jul-3 7:24 am
That's IF you know where that person lives (which these pages do not give out). Sure, you can make the ones with WiFi unsecured but, how do you get their home address after that? It's nothing but a modem diagnostics page. Everything you describe is possible on any open WiFi and not just Arris ones either.
Again, this still shouldn't be happening but far from a "Chicken Little" scenario. |
|
nony Premium Member join:2012-11-17 New York, NY |
nony
Premium Member
2014-Jul-3 9:31 am
|
|
3 recommendations |
to Cthen
said by Cthen:That's IF you know where that person lives (which these pages do not give out). Sure, you can make the ones with WiFi unsecured but, how do you get their home address after that? Two biggest cable providers(Comcast, TWC) uses Arris modems. It will not be hard to find one. |
|
nony Premium Member join:2012-11-17 New York, NY |
nony
Premium Member
2014-Jul-4 2:14 am
And you can always go to wigle and not war drive at all. » wigle.net/-nony |
|
Cthen Premium Member join:2004-08-01 Detroit, MI |
to bluepoint
said by bluepoint:said by Cthen:That's IF you know where that person lives (which these pages do not give out). Sure, you can make the ones with WiFi unsecured but, how do you get their home address after that? Two biggest cable providers(Comcast, TWC) uses Arris modems. It will not be hard to find one. Didn't mean to recommend, just wanted to see who else smoking something and getting all too paranoid. It's not hard to find any open WiFi and pull something off. The situation that Nony describes can happen on a "McD's" open WiFi/modem, Starbucks, any pub/bar WiFi, or any others listed at wigle.net It's not hard to find an open WiFi period and cause someone problems. I know some want to feel important by saying this is something bigger than what it really is but let's face it, simply reading modem pages over the internet doesn't mean the sky is falling. |
|
nony Premium Member join:2012-11-17 New York, NY 3 edits |
nony
Premium Member
2014-Jul-4 8:25 am
Hey Buddy, I'm referring to private WPA2 keys being exposed in this thread and additional attack vectors. It's clear that you are confused because you didn't bother to read the details Can you say WPA2? » NYC TWC - Just got the Arris TG862 - can't access Web GUI-nony |
|
1 edit
1 recommendation |
to Cthen
said by Cthen:I know some want to feel important by saying this is something bigger than what it really is but let's face it, simply reading modem pages over the internet doesn't mean the sky is falling. When there is a backdoor opening to a modem router, it will not take long for a determined baddy to take advantage of the opportunity. The first step is always to gain access then they figure it out. |
|
nony Premium Member join:2012-11-17 New York, NY |
nony
Premium Member
2014-Jul-4 10:31 am
@Cthen And we sure have a number of known backdoors as has been presented (and presented and presented) » www.hopenumbernine.net/t ··· 9B22.mp3-nony |
|
1 recommendation |
Combover to bluepoint
Anon
2014-Jul-4 10:33 am
to bluepoint
As in 'What's the worst that can happen?' Then the worst happens. |
|
owlyn MVM join:2004-06-05 Newtown, PA
1 recommendation |
to antdude
I'm on Comcast with an Arris modem. When I try to access my Comcast IP address from outside my network (using my iPhone over LTE), all I get is a 502 Bad gateway error. |
|
1 recommendation |
to antdude
since only new arris modems seem to be affected by this issue, i would think that they must have something configured wrong, right?
i agree with bluepoint, i think it is just a matter of time before the cybercriminals figure out a way to exploit this.. |
|
Bill_MIBill In Michigan MVM join:2001-01-03 Royal Oak, MI TP-Link Archer C7 Linksys WRT54GS Linksys WRT54G v4
1 recommendation |
said by redwolfe_98:since only new arris modems seem to be affected by this issue, i would think that they must have something configured wrong, right? I'm not so sure it's only new modems. A few years ago I mistyped my 172. private address and found myself looking at someone's Arris modem page. It wasn't difficult to find my own modem's 172. address and confirm it identical to the usual 192.168.100.1 page (it was in the logs of all places). So any customer of WOW could access every other customer's modem! Long story short, I told the rep in the WOW forum here and it was eventually locked down. No, it wasn't public addresses but I'll bet the combo of this exact same system combined with the clueless caused this same issue. Someone just used public addresses. |
|
nony Premium Member join:2012-11-17 New York, NY
1 recommendation |
nony
Premium Member
2014-Jul-6 5:12 am
Technically, it's a function of a few NVRAM variables which can be set in a few places. See the sample XML files in your image.
What the software engineers advise, can be very different than what the product managers approve.
-nony |
|