Is the CODA-4680 modem susceptible to the Cable Haunt vulnerability?

hc0468
hc0468 Posts: 168 ✭✭

 For starters, does the CODA-4680 use Broadcom chips? Even the product description and datasheet do not mention specific hardware.

Answers

  • Mike
    Mike Posts: 21,558 ✭✭
    If you are afraid set the DNS on your device and you should be ok
  • hc0468
    hc0468 Posts: 168 ✭✭

    Setting a static DNS won't prevent this exploit.

    "While DNS rebind can be used in the exploit as explained in the report, it is significantly easier for an attacker to exploit the modem via a direct javascript request."

     

    Direct link to the website dedicated to this vulnerability: https://cablehaunt.com/

  • Mike
    Mike Posts: 21,558 ✭✭

    This Break SSL/TLS? No. This does not break encryption, as long as your connection is properly established between you and the intended recipient. However, your modem is most likely doing your DNS lookups and can act as a proxy, so you might still be in some trouble. With mechanisms like HSTS, exploiting this is becoming increasingly difficult, but not impossible.

     

    therefore if you are setting a static DNS directly in your pc you should minimize problems 

  • Olivier R. #3666
    Olivier R. #3666 Posts: 1,714 ✭✭
    This ine is not for me
  • hc0468
    hc0468 Posts: 168 ✭✭

    @Mike, again, static DNS does not protect from being exploited. It mitigates some of the consequences, but that's really besides the point.

     

    The easiest way to confirm not being affected by this would be if we can confirm the modem is not using Broadcom chips.

  • Funny I was wondering the same thing
  • Mike
    Mike Posts: 21,558 ✭✭
    @hc0468 I agree with you that the modem can be still hacked, but I believe that you must try to protect yourself.
    If the modem is hacked, they can modify the firmware, therefore, they can do everything
  • hc0468
    hc0468 Posts: 168 ✭✭

    @Mike Yes, getting the modem compromised would leave the user helpless, since only the ISP has control over it and firmware updates. I have had static DNS specified in my router long before this. As a side note, Fizz/Videotron seem not to implement DNSSEC, which would be broadly helpful. My previous ISP did.

     

    @Chris I don't see anything about Intel Puma in that link, but if we can confirm it at least it will be a silver lining.


    P.S. The link I provided in my original post to the article describing the Cable Haunt vulnerability has vanished... It's annoying that there seems to be silent moderator action going on. Is linking to external sites not allowed in the Community Hub? Anyone interested to learn more will have to search for themselves.

  • hc0468
    hc0468 Posts: 168 ✭✭

    Ah it is in the datasheet after all! Intel Puma 7 is mentioned in the subheading, and not in the specifications section...

    Ok, so we can sleep better knowing this vulnerability does not affect the CODA-4680.

This discussion has been closed.