Menu
Reply
  • 1
  • 0
  • 0
Joining in
959 Views
Message 1 of 7
Flag for a moderator

Cable Haunt issue

I just heard about the Cable Haunt vulnerability issue with most cable modems. Is anyone at virgin media looking into this vulnerability?

BR

John

 

 

0 Kudos
Reply
Highlighted
  • 55
  • 5
  • 1
Dialled in
949 Views
Message 2 of 7
Flag for a moderator
Helpful Answer

Re: Cable Haunt issue

IIRC, the exploit impacts routers with Broadcom CPU's.


I know the SH3 and SH4 are intel powered, how about the older routers?

0 Kudos
Reply
Highlighted
  • 13.22K
  • 522
  • 1.21K
Alessandro Volta
924 Views
Message 3 of 7
Flag for a moderator

Re: Cable Haunt issue

It would seem VM for the super hub 1 has blocked off port 8080 to 192.168.100.1 on the hub to not have that vulnerability.

You can have a firewall to only allow only port 80 and ICMP to 192.168.100.1 to not have this problem.

the attack is from your LAN by a browser by your end not remotely by WAN side

0 Kudos
Reply
Highlighted
  • 12
  • 0
  • 3
On our wavelength
819 Views
Message 4 of 7
Flag for a moderator

Re: Cable Haunt issue

This isn't solved. This a mitigation that most of the customers will struggle to implement.

This issue has been known about by ISPs since MAY 2019, the fix has been published a requires a firmware which can only be done by the ISP. Which I suspect there will be reluctance as this causes an outage for ~1hr. But if the bad guys get in first they can upload their own firmware which will lock out the ISP..  What are you planning to do about this?

Exploit code is already available if you search for it..  I don't think this can be ignored.

https://cablehaunt.com 

 

 

 

 

 

0 Kudos
Reply
Highlighted
  • 2.34K
  • 146
  • 601
Problem sorter
796 Views
Message 5 of 7
Flag for a moderator

Re: Cable Haunt issue

Do we know which (if any) VM routers are affected? Hub 3 and Hub 4 definitely aren't, neither is the SH2ac which was a Puma 5. Not sure about the original SH2 and SH1.

0 Kudos
Reply
Highlighted
  • 27.07K
  • 1.18K
  • 4.58K
Very Insightful Person
Very Insightful Person
787 Views
Message 6 of 7
Flag for a moderator

Re: Cable Haunt issue

the SH1 and 2 are EOL so they will not get patched even if they are effected.

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

Use Kudos to say thanks

Mark as Helpful Answer if I've helped

0 Kudos
Reply
Highlighted
  • 6.99K
  • 238
  • 1.38K
Community Lead
Community Lead
409 Views
Message 7 of 7
Flag for a moderator

Re: Cable Haunt issue

Hi everyone,

As you’d expect, we regularly test our equipment in light of new security developments. Following further investigation we can confirm that we are not exposed to these issues on our product portfolio.

Kev

The do's and don'ts. Keep the community welcoming for all. Follow the house rules


0 Kudos
Reply