Saturday November 21, 2015

Researcher: 600,000 Arris Cable Modems Have "Backdoors In Backdoors"

Yo dawg, I heard you’re scared of backdoors, soآ…

During analysis of the backdoor library and the restricted shells, Rodrigues that a backdoor had been put in the backdoor. Rodrigues says that the undocumented backdoor password is based on the final five digits from the modem’s serial number. After logging in on the Telnet/SSH with these passwords, a full busybox shell is the result. Rodrigues concludes that he is "pretty sure" that these flaws on the devices have been exploited for some time.