Time Warner cable modems exposed to hackers

**Glaswegian** · 10-22-2009, 01:40 PM

A blogger helping to tune a friend's wi-fi network uncovered a gaping security hole in Wi-Fi cable modem routers installed in 64,000 Time Warner subscribers' homes, leaving them open to attack.

Time Warner says that within the past week it has patched the problem until the manufacturer can provide a permanent fix, but before that it had allowed administrative access to the routers. Attackers could then run a variety of programs against these routers, says David Chen in his blog Chenosaurus.

Because the vulnerability let anyone anywhere on the Internet take over control of the router, they could launch attacks from within Time Warner customers' homes.

"From within your own network, an intruder can eavesdrop on sensitive data being sent over the Internet and even worse, they can manipulate the DNS address to point trusted sites to malicious servers to perform man-in-the-middle attacks," Chen writes.

"Someone skilled enough can possibly even modify and install a new firmware onto the router, which can then automatically scan and infect other routers automatically."

Chen says he discovered that administrative control of the routers had been blocked by a Java script. He disabled Java on his friend's router and had access to all the router's settings. He opened the backup configuration file and discovered the administrative login and password in plaintext.

http://news.techworld.com/security/3...ckers/?olo=rss

10-22-2009, 01:40 PM	#1 (permalink)
Glaswegian Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic Join Date: Sep 2005 Location: Glasgow Posts: 25,377 OS: Win XP Pro SP3 / Win 7 Pro My System Blog Entries: 10	Time Warner cable modems exposed to hackers A blogger helping to tune a friend's wi-fi network uncovered a gaping security hole in Wi-Fi cable modem routers installed in 64,000 Time Warner subscribers' homes, leaving them open to attack. Time Warner says that within the past week it has patched the problem until the manufacturer can provide a permanent fix, but before that it had allowed administrative access to the routers. Attackers could then run a variety of programs against these routers, says David Chen in his blog Chenosaurus. Because the vulnerability let anyone anywhere on the Internet take over control of the router, they could launch attacks from within Time Warner customers' homes. "From within your own network, an intruder can eavesdrop on sensitive data being sent over the Internet and even worse, they can manipulate the DNS address to point trusted sites to malicious servers to perform man-in-the-middle attacks," Chen writes. "Someone skilled enough can possibly even modify and install a new firmware onto the router, which can then automatically scan and infect other routers automatically." Chen says he discovered that administrative control of the routers had been blocked by a Java script. He disabled Java on his friend's router and had access to all the router's settings. He opened the backup configuration file and discovered the administrative login and password in plaintext. http://news.techworld.com/security/3...ckers/?olo=rss __________________ Iain - Defender of the Haggis and all things Scottish. I don't help by PM - post in the Forums. PC Safety & Security::PC running a bit slow?::Donate::Photographers Corner