AOH :: ISNQ5548.HTM

Time Warner Cable Exposes 65, 000 Customer Routers to Remote Hacks




Time Warner Cable Exposes 65, 000 Customer Routers to Remote Hacks
Time Warner Cable Exposes 65, 000 Customer Routers to Remote Hacks



http://www.wired.com/threatlevel/2009/10/time-warner-cable/ 

By Kim Zetter  
Threat Level
Wired.com
October 20, 2009

A vulnerability in a Time Warner cable modem and Wi-Fi router deployed 
to 65,000 customers would allow a hacker to remotely access the device's 
administrative menu over the internet, and potentially change the 
settings to intercept traffic, according to a blogger who discovered the 
issue.

Time Warner acknowledged the problem to Threat Level on Tuesday, and 
says it's in the process of testing replacement firmware code from the 
router manufacturer, which it plans to push out to customers soon.

"We were aware of the problem last week and have been working on it 
since," said Time Warner spokesman Alex Dudley.

The vulnerability lies with Time Warner.s SMC8014 series cable 
modem/Wi-Fi router combo, made by SMC. The device is one of several 
options Time Warner offers to customers who don't want to install their 
own modem and router to use with the company's broadband service. The 
device is installed with default configurations, which customers can 
alter only slightly through its built-in web server. The most customers 
can do through this page is add a list of URLs they want their router to 
block.

But blogger David Chen, writing at chenosaurus.com, recently discovered 
he could easily gain remote access to an administrative page served by 
the router that would allow him greater control of the device.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org 

Site design & layout copyright © 1986-2014 CodeGods