- Joined
- May 18, 1997
- Messages
- 55,634
For a limited time your brand new ARRIS modem model numbers NVG589 and NVG599 are being supplied to you with three hardcoded features that you will find in few others. These models allow root access through SSH, built-in webserver, hardcoded passwords that come attached to your modems serial number. BUT WAIT! There's more. A bit of sneaky HTTP on port 49152 can get you exposed as well. So, don't walk, but run to your ARRIS modem and get these things fixed.
Seriously, if you own an ARRIS modem, you will want to look into this and follow the fix it link above. HardOCP security experts tell us there are over 92,000 of these routers currently identified as being online currently, and another 40,000 worldwide. Tampa and Sarasota in Florida, and Plano, TX top the online list.
According to Nomotion, the flaws are found in both the standard Arris firmware, but also in the extra code added on top by OEMs. In their research, experts looked at an Arris modem installed on the network of AT&T.
Researchers said the flaws affect NVG589 and NVG599 modems. Both models aren't available through the Arris website and appear to be discontinued products. Based on Censys and Shodan data, researchers believe there are at least 220,000 of these vulnerable modems connected online.
Seriously, if you own an ARRIS modem, you will want to look into this and follow the fix it link above. HardOCP security experts tell us there are over 92,000 of these routers currently identified as being online currently, and another 40,000 worldwide. Tampa and Sarasota in Florida, and Plano, TX top the online list.
According to Nomotion, the flaws are found in both the standard Arris firmware, but also in the extra code added on top by OEMs. In their research, experts looked at an Arris modem installed on the network of AT&T.
Researchers said the flaws affect NVG589 and NVG599 modems. Both models aren't available through the Arris website and appear to be discontinued products. Based on Censys and Shodan data, researchers believe there are at least 220,000 of these vulnerable modems connected online.