gfxgfx
 
Please login or register.

Login with username, password and session length
 
gfx gfx
gfx
76793 Posts in 13502 Topics by 1651 Members - Latest Member: Arnold99 November 27, 2024, 12:40:10 am
*
gfx*gfx
gfx
WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks
gfx
gfxgfx
 

Author Topic: Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks  (Read 689 times)

0 Members and 3 Guests are viewing this topic.

Offline DaBees-Knees

  • WMW Team
  • *****
http://www.wired.com/threatlevel/2009/10/time-warner-cable/

Quote
A vulnerability in a Time Warner cable modem and Wi-Fi router deployed to 65,000 customers would allow a hacker to remotely access the device’s administrative menu over the internet, and potentially change the settings to intercept traffic, according to a blogger who discovered the issue.

Time Warner acknowledged the problem to Threat Level on Tuesday, and says it’s in the process of testing replacement firmware code from the router manufacturer, which it plans to push out to customers soon.

“We were aware of the problem last week and have been working on it since,” said Time Warner spokesman Alex Dudley.

The vulnerability lies with Time Warner’s SMC8014 series cable modem/Wi-Fi router combo, made by SMC. The device is one of several options Time Warner offers to customers who don’t want to install their own modem and router to use with the company’s broadband service. The device is installed with default configurations, which customers can alter only slightly through its built-in web server. The most customers can do through this page is add a list of URLs they want their router to block.

But blogger David Chen, writing at chenosaurus.com, recently discovered he could easily gain remote access to an administrative page served by the router that would allow him greater control of the device.

Chen, founder of a software startup called Pip.io, said he was trying to help a friend change the settings on his cable modem and discovered that Time Warner had hidden administrative functions from its customers with Javascript code. By simply disabling Javascript in his browser, he was able to see those functions, which included a tool to dump the router’s configuration file.

That file, it turned out, included the administrative login and password in cleartext. Chen investigated and found the same login and password could access the admin panels for every router in the SMC8014 series on Time Warner’s network — a grave vulnerability, given that the routers also expose their web interfaces to the public-facing internet.

Ooooooops.  :gum:

Offline Lagerlout666

  • Forum Member
Re: Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks
« Reply #1 on: October 26, 2009, 10:07:52 am »
Not uncommen. Givin also the fact that thompson had the same issue not so long ago. and many boxs are still open for attack from a phising site.
The Solution to 99% of winmx problems

nap.winmxgroup.net        -ONLINE again YAY!!!!!! :D

Praise's daily at the church of "Kopimi"

WinMX World :: Forum  |  Discussion  |  WinMx World News  |  Time Warner Cable Exposes 65,000 Customer Routers to Remote Hacks
 

gfxgfx
gfx
©2005-2024 WinMXWorld.com. All Rights Reserved.
SMF 2.0.19 | SMF © 2021, Simple Machines | Terms and Policies
Page created in 0.013 seconds with 22 queries.
Helios Multi © Bloc
gfx
Powered by MySQL Powered by PHP Valid XHTML 1.0! Valid CSS!