Announcement

Collapse
No announcement yet.

TimeWarner Cable Modems open to Exploit

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    TimeWarner Cable Modems open to Exploit

    http://www.tomshardware.com/news/Tim...rity,8896.html

    Originally posted by Teaser
    "By simply disabling Javascript in the browser, I was able to access all the features of the router. With that access, I am now able to change the wifi settings, port-forwarding, etc.," writes Chen.
    This applies to the SMC8014 Cable modem with Wifi, but I do not know if it also applies to the one without Wifi. If you have one of these you may want to contact your ISP and press them to get it fixed ASAP.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
    Tags: None
  • #2
    Re: TimeWarner Cable Modems open to Exploit

    Originally posted by streaker69 View Post
    http://www.tomshardware.com/news/Tim...rity,8896.html



    This applies to the SMC8014 Cable modem with Wifi, but I do not know if it also applies to the one without Wifi. If you have one of these you may want to contact your ISP and press them to get it fixed ASAP.

    Dude that is so cool. I have the new Comcast SMC DOCSIS 3 modem, and yes they hide stuff that way. There is a vpn section that is normally hidden. You have to turn it off once you are in the modem; past the token login screen.

    xor
    Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

    Comment

    • #3
      Re: TimeWarner Cable Modems open to Exploit

      On my 8014 without Wifi, the white model, the only extra thing you see is under the LAN section is some PPTP fields. Turning off Javascript also means that you cannot see the current settings, all the fields are blank.

      I'm wondering if this is really only a problem for devices that haven't had their default passwords changed. When I tried turning off javascript before logging in, you couldn't do anything with it, even trying to go directly to a known page on the router.
      A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

      Comment

      • #4
        Re: TimeWarner Cable Modems open to Exploit

        Originally posted by streaker69 View Post
        On my 8014 without Wifi, the white model, the only extra thing you see is under the LAN section is some PPTP fields. Turning off Javascript also means that you cannot see the current settings, all the fields are blank.

        I'm wondering if this is really only a problem for devices that haven't had their default passwords changed. When I tried turning off javascript before logging in, you couldn't do anything with it, even trying to go directly to a known page on the router.
        My experience as well.

        xor
        Just because you can doesn't mean you should. This applies to making babies, hacking, and youtube videos.

        Comment

        Previous template Next
        Working...
        X