Home » News » Researchers: vulnerability in cable modems affects many millions of copies – Computer – News

Researchers: vulnerability in cable modems affects many millions of copies – Computer – News

Researchers have found a vulnerability in cable modems with a Broadcom component. If an attacker gets his target on a rogue webpage, he can remote code execution from the modem. In Europe it would be about 200 million modems.

The vulnerability, which the Danish researchers Cable Haunt is in the Broadcomspectrum analyzer of cable modems. The component is normally used to protect the modem against energy fluctuations in the cable. In addition, providers use it to remotely read the modem. This would not protect against it dns rebinding attacks have standardcredentials and have a firmware error.

Without getting the target on the rogue web page, the attack does not work; the spectrum analyzer is only accessible from the lan. An alternative to this approach is for the attacker to connect to the network and address the modem himself. Once near the modem, it’s a matter of one buffer overflowattack and a malicious person can execute code from the modem. The researchers provide examples of objectives: changing the dns server, performing mitm attacks, replacing the firmware as a whole, adding the modem to a botnet and more.

The researchers have drawn up a list of vulnerable modems, but say that many more models may be vulnerable, given the large number. The Netherlands’ largest cable provider, Ziggo, usually supplies customers with a Compal CH7465LG-ZG, but it is not on the list. The Compal 7284E and 7486E do. However, it is not certain that Ziggo modems will fall out of this. For those who can and want to test this at home themselves, the researchers have a script on their site.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.