Arris Cable Modem Speed Hack
Arris Cable Modem Troubleshooting
Attackers can exploit the flaws in the ARRIS SURFboard cable modems to remotely knock out the device, more than 135 million device open to attacks. The security expert David Longenecker reported security vulnerabilities affecting the popular broadband cable SURFboard modems produced by the ARRIS (formerly Motorola). The is available for sale for around $70 US, it is able to support over 150 megabit speeds and works with all almost every US Internet provider. Attackers can exploit the flaws in the ARRIS SURFboard modems to remotely knock out the device for a period of time that could reach 30 minutes, more than 135 million devices are at risk.
When using a cable modem as your high speed Internet connection you typically connect the modem to your computer and launch the Internet. How to Unlock Cable Modem.
The attackers can rebooting the SURFboard modems remotely without authentication due to the presence of cross-site request forgery vulnerability. “Rebooting one remotely is so easy, it doesn’t even require a password. ” states Longenecker in a. “Certain SURFboard modems have an unauthenticated cross site request forgery flaw.
The modems have a static IP address that is not consumer-changeable, and the web UI does not require authentication – no username or password is required to access the administration web interface.” An unauthenticated attacker can access the user interface of the cable modems. A local attacker can access the administration web interface (192.168.100.1) without being authenticated. “With access to a local network, it is a trivial matter to reboot the modem serving that network, causing a denial of service while the modem reboots. Granted the modem only takes about 3 minutes to reboot, but for those three minutes, Internet access is offline. Additionally, activity sensitive to network outages (long downloads or remote desktop sessions, for example) may abort. ” added the expert. This means that a local attacker is able to restart the device, same result is possible to obtain if he uses a social engineering trick to convince the victim into clicking the following link: This reset of the cable modems is a time-consuming process that can take as long as a half hour and that in some cases could need the support of the internet service provider (ISP) to restore the normal operation.
Aug 30, 2017 Windows › General › RFHUTIL 7.0. Developed by Delivered by Citrix. Please visit the main page of RFHUTIL on Software Informer.
- Hack Everything. Hackers aren't. Don't Hack Your Cable Modem. In order to create these different levels of service, providers cap your modem's speed.
- Explore how the people of ARRIS can help you get the most out of your service delivery investments.
Longenecker discovered a second flaw, a cross site request forgery (CSRF), in the SURFboard modems that could be abused by attackers to launch the above command without using the device user interface. “In this case, the intended design is for a user to access the SURFboard administration interface, and then click a link to execute a reboot. The application though does not verify that the command was issued from the administration UI. When an application does not verify that a command was issued from within the application, the possibility of CSRF exists.” “Did you know that a web browser doesn’t really care whether an “image” file is really an image? Causing a modem to reboot is as simple as including an “image” in any other webpage you might happen to open – which is exactly the approach taken on the proof of concept: Of course it’s not a real image, but the web browser doesn’t know that until it requests the file from the modem IP address – which of course causes the modem to reboot. Imagine creating an advertisement with that line of code, and submitting it to a widely-used ad network” The good news is that the vulnerabilities are easy to patch, the vendor just needs to issue a firmware update that implements an authentication mechanism for the reboot and reset of the cable modems, and implement a mechanism to prevent CSRF attacks. The bad news is that cable modems could not be upgraded by the end-user, instead the patches have to be distributed by ISP once it is available and we all know the problems related to patch management processes. UPDATE April 12, 2016 “ ARRIS recently addressed the reported GUI access issue with a firmware update.
We are in the process of working with our Service Provider customers to make this release available to subscribers. There is no risk of access to any user data, and we are unaware of any exploits. “ “According to the experts of the company, the active population of modems impacted by the issue is less than 10 percent of the initially reported 135M number”. Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at 'Cyber Defense Magazine', Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog 'Security Affairs' recently named a Top National Security Resource for US. Pierluigi is a member of the 'The Hacker News' team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books 'The Deep Dark Web' and “Digital Virtual Currency and Bitcoin”.
Comments are closed.