Become a fan of Slashdot on Facebook


Forgot your password?
Security Hardware

600,000 Arris Cable Modems Have 'Backdoors In Backdoors,' Researcher Claims ( 76

An anonymous reader writes: A security researcher using Shodan to probe Arris cable modems for vulnerabilities has found that 600,000 of the company's modems not only have a backdoor, but that the backdoor itself has an extra backdoor. Brazilian vulnerability tester Bernardo Rodrigues posted that he found undocumented libraries in three models, initially leading to a backdoor that uses an admin password disclosed back in 2009. Brazilian researcher Bernardo Rodrigues notes that the secondary backdoor has a password derived in part from the final five digits from the modem's serial number. However, the default 'root' password for the affected models remains 'arris.'
This discussion has been archived. No new comments can be posted.

600,000 Arris Cable Modems Have 'Backdoors In Backdoors,' Researcher Claims

Comments Filter:
  • by Motherfucking Shit ( 636021 ) on Saturday November 21, 2015 @12:41AM (#50973949) Journal

    You can bet NSA has been exploiting this one for years.

  • Yo Dawg (Score:4, Funny)

    by Anonymous Coward on Saturday November 21, 2015 @01:03AM (#50974031)

    "I heard you like backdoors, so I put a backdoor in your backdoor" ... yeah, I can see why someone hasn't posted this yet.

  • Interesting news for all some nations networks.
    Will a VPN ready router with OpenVPN help after the telco hardware?
    Spend another few $ per month to try and secure your computer from the 'provided' hardware.
    This is why everyone needs good crypto. Even the hardware has extra ways in :)
  • Not that surprised (Score:5, Interesting)

    by tap ( 18562 ) on Saturday November 21, 2015 @03:32AM (#50974423) Homepage
    I used to work for Arris. But we did the DVR software, which was originally a different company than the people doing the cable modems. The DVR software is a lot more secure than this. There still a PWOD protected technician interface, the DVRs are remotely managed device, but it doesn't let you do anything that would compromise the software. I'd be interested in seeing how someone would hack it. It shouldn't be possible to get a root shell.

    Someone did want to allow the player to pair over wifi automatically to the gateway by having the WPA2-PSK be derived from the device ID. I tried to stress what a terrible idea that was but those were people in a different division who didn't need to listen to me.
    • by Zebai ( 979227 )

      Good point, even knowing the password for the advanced interface what is the worst that you could do to it? It doesn't let you access any network data or personal details. So you could probably get an idea of how much data I use and a few technical details on the quality of my connection and maybe be able to access my IP address ( which you already have if your seeing the interface). I suppose if you were really nefarious you could probably cause my device to reboot a few times if you wanted to be persisten

    • I'm guessing the DVR was coded to be more secure over the fear that someone may be able to copy the saved entertainment off the DVR and use it.

      Probably nothing more scary for providers than free shareable movies and TV shows.

  • Don't trust any router software unless you can put openwrt on it. The router companies have shown they can not be trusted. All companies are subject to enormous pressure from NSA. Control the software that runs on your router yourself.
    • The problem is that we're talking about a cable modem, not just a regular router. I'm not aware of a single cable modem that's supported by OpenWRT or similar.

      • This is why you don't trust the mixed "cable modem" devices as anything but a cable modem. Many of them also include firewall, DHCP, and wifi features. Unfortunately, the extra "features" help make them more vulnerable to this kind of remote maintenance access password abuse.

  • This is simply hilarious.
    The backdoors are so widespread that there is not much space left for useful software.
    Fuck Backdoors.

  • by Anne Thwacks ( 531696 ) on Saturday November 21, 2015 @05:40AM (#50974721)
    With the name 'Arris, I should of thought it was a dead give away that it had a back door!

    Hint: 'Arris in England has the same meaning as Azz in USA.

    • And for those of us who are from neither of those countries, what meaning are we supposed to garner?
  • Anyone familiar with cockney rhyming slang shoudn't be too surprised when Arris products contain an unexpectedly slack backdoor...
  • Arris Cable Modems Have 'Backdoors In Backdoors,' Researcher Claims

    This is exactly like saying Donald Trump has an asshole.

  • []

    The article in the summary doesnt list which modems are affected as i have an Arris Modem myself, but looks to be the TG862A, TG862G, and DG860A.

    Also notable that a quick glance of reviews on Amazon says there is no end user support for these, they are always ISP controlled.
    • The article in the summary doesnt list which modems are affected as i have an Arris Modem myself, but looks to be the TG862A, TG862G, and DG860A.

      Well actually what they say is "affecting many of their devices including TG862A, TG862G, DG860A" so technically all one can say is that those models are definitely affected, but my reading is that others may be affected as well. Does anyone know of a comprehensive list of every known backdoored Arris model? And yeah, I know, the safe and likely correct answer is "probably all of them."

  • had to buy one of these, one of the only models I could replace my Xfinity rented box with (providing telephone as well as internet). As I understand, it was originally produced for Comcast / Xfinity, or at least Comcast still has a lot of confused technicians who think this Arris was made only for Comcast and can't be purchased... I had to go through 3 techs to get them to hook it up. I wonder if the backdoor of the router was designed in for Comcast, which I can imagine has thought of justifications (

  • I purchased a Motorola modem three years ago. Arris acquired Motorola's modem business, but I do not know when. How can I tell if my modem is affected?

  • "While researching on the subject, I found a previously undisclosed backdoor on ARRIS cable modems, affecting many of their devices including TG862A, TG862G, DG860A."

  • The back door of your back door is: The front door.

The first Rotarian was the first man to call John the Baptist "Jack." -- H.L. Mencken