If you have one of these cable modems..
Super Hub 3 (Arris TG2492LG) (commonly - virgin media)
Hitron CGN3 / CDA / CGNV series modems:
Hitron CGNM-3552 (commonly - Rogers)
Hitron CGN3 (eg CGN3-ACSMR) 2013 link
Hitron CGNM-2250 (commonly - Shaw)
Netgear AC1750 C6300 AC1900
Telstra Gateway Max (Netgear AC1900 / C6300) (Australia) 2014 link.
Cisco DPC3848V (eg »High latency/ping to Shaw router? )
Cisco DPC3941B / DPC3941T (commonly - Comcast Xfinity XB3)
Compal CH7465-LG / Arris TG2492LG (commonly - Virgin Media Hub 3)
Samsung "Home Media Server"
Read This- http://www.dslreports.com/forum/r31122204-SB6190-Puma6-TCP-UDP-Network-Latency-Issue-Discussion Before you blame anything else on your network for erratic pings and lost packets..
And on top of that, the netgear models have a firmware bug that allows them to be broken into, and controlled remotely. To my knowledge it has not been patched yet in 90% of the models. They claimed the issue only affected a small group of models, but we discovered it affects pretty much all of them. Allows a remote attacker to reset the admin password, then login as normal, and used in conjunction with another exploit, they can get shell access and use the modem to do evil things.
Also affects lenovo modems, but those are pretty rare, they are made by netgear, and use netgear firmware with the logos and graphics swapped out.
At the time of discovery netgear did not have the C6300 listed as affected, but we confirmed it is ourselves when we used the proof of concept on it, and were able to reset the password. Any of the models that have the GENIE interface are 100% affected, and some others as well.
Turns out these are worse than originally thought..
There is some pertinent information these last couple of days before this post but this pretty much says it all. These models are done.
anajames last edited by
This is quite a revelation, i use a Netgear C6300.
the C6300 has a firmware flaw allowing it to be broken into remotely, and used as a zombie/botnet drone.
anajames last edited by
Should i consider replacing it with something else?
dhoffman98 last edited by
I would say so. If you are vulnerable, then either fix the problem or replace the hardware.
If your manufacturer released updated firmware, then it might fix the problem.
I recommend replacing a c6300 with a Standard Modem, not a modem/router combo, and put a pfsense behind it.
jtl last edited by
Wonder if the NetGear vulnerability allows DOCSIS certs to be cloned and that like?
A friend and I found some vulnerabilities in the Hitrons a while back. Sadly not remotely exploitable but they did allow root shell access.