back to article Optus cable routers let anyone change passwords, says tech

University of Sydney tech Paul Szabo says Netgear routers provided by Australian telco Optus contain a vulnerability that allows attackers to change admin passwords without knowing the existing credentials. The bug in the CG3000v2 cable modem means attackers could enter anything into the current password field to change the …

  1. Toru Nagisa
    IT Angle

    I just contacted Optus and ended up speaking with technical support. The gentleman I spoke with denied the vulnerability existed (or had no knowledge of it), and told me I'd be safe from 'hackers.' Luckily, I haven't yet installed my CG3000v2 - I think it will stay in the box for now.

  2. malk271

    Optus DSL Modems also insecure

    Optus DSL Modems also insecure

    The Sagemcom ADSL routers supplied by Optus also have fairly significant and easy to find security holes, not the least of which is that anyone can log into the router and perform admin tasks without supplying any credentials. The admin passwords are hardcoded into the javascript of some of the pages, in plain text, and can also be retrieved from an undocumented interface that dumps out all of the configuration information, including passwords (both in the clear and as base64 encoded text (IIRC). The password does appear to be changed by firmware updates from time to time, but it is straightforward to retrieve the information.

    It's quite easy to pull information about the router, and there are forum threads on Optus' web site as well as whirlpool on this topic. Furthermore, parental controls are prominently displayed on the main page of the router interface, but are completely useless, because anyone on the network can change them.

    When I contacted Optus about my concerns, they were dismissive of any security issues, as the firmware is in their opinion working by design, and is therefore not defective. When pressed, Optus support blamed the device manufacturer for the firmware, despite it obviously being an Optus-specific software implementation, and suggested I contact Sagemcom directly.

  3. Anonymous Coward
    Anonymous Coward

    Nothing's changed since the beginning it seems.

    I was one of the very first beta-testers for the Optus cable modem service. Twenty odd years makes the details fuzzy, but essentially they implemented an alpha free content service as a Windows file share with a netmask of 255.255.255.0. (If i've got that right.) In other words, anyone who had file sharing turned on on their machine, was wide open to every other person on their subnet.

    AC just in case there's an NDA I forget signing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like