A backdoor was set in the backdoor of the cable modem

A backdoor is found in ARRIS cable modem, and the presence of a backdoor in the backdoor is also important for embedded devices and web application related blogsW00tsecIt was discovered by the investigation.

W00tsec: ARRIS Cable Modem has a Backdoor in the Backdoor
https://w00tsec.blogspot.jp/2015/11/arris-cable-modem-has-backdoor-in.html


We have w00tsec invited to security conferenceBernardo RodriguesMr. said he decided to talk about "cable modem security" because cable modem hacking is still mainstream. According to Rodrigues, the upgrade of cable modem firmware and software is controlled by an Internet service provider (ISP), and it is difficult to secure security because users can not manage them.

Rodrigues investigated the ARRIS cable modem for the conference's speech and found that a closed backdoor affecting many devices such as "TG862A", "TG862G", "DG860A" was discovered. Search engine for IoT "Shodan SearchAccording to Mr. Rodrigues, "It is unclear whether ARRIS is aware of its existence or whether it is moving for revision", said Rodrigues, who said the backdoor affected more than 600,000 external hosts I said.

Furthermore, when I analyzed the backdoor of ARRIS's SOHO (ISDN) cable modem, I found that a backdoor code was found in the back door authentication check item. Rodrigues warns of the possibility of full remote access from ARRIS cable modems due to the presence of multiple backdoors and the risk of generating access keys based on the cable modem serial number.


Rodrigues said, "Twitter search"Arris dns"It is necessary to investigate the hazards by media vulnerability and urge the countermeasures of ISP even if we examine the word" Just a note that the cable modem is vulnerable. "

A movie showing the existence of back door of ARRIS cable modem is also released.

ARRIS Cable Modem - Serial Backdoor - YouTube