Millions of Cable Modems Vulnerable to CableHaunt

15th January 2020

Cable modems that include a Broadcom spectrum analyzer are likely to be affected by a vulnerability that has been labeled CableHaunt. The quick test: while you are at home and using your cable modem to access the internet, visit http://192.168.100.1:8080. If you see a Spectrum Analyzer, you are likely at risk.

What can you do? Wait until your internet provider updates the firmware on your cable modem. The firmware is not available for you to install yourself. In the meantime, the exploit needs your PC to run some code that visits the webpage above and types too much info into a short box. To avoid this, you can make a rule in your firewall (you have a firewall between your cable modem and your computer…right?!?) that blocks access to 192.168.100.1:8080 from any PC on your home network.
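To confirm the firewall rule actually took effect, you can run a check like the one below from a PC on your home network. This is an added example, not code from the CableHaunt researchers or the linked article; the function name `check_endpoint` and the match on the word "spectrum" in the page text are assumptions.

```python
import http.client
import socket
import urllib.error
import urllib.request

MODEM_HOST = "192.168.100.1"  # address given in the article
MODEM_PORT = 8080             # port given in the article


def check_endpoint(host=MODEM_HOST, port=MODEM_PORT, timeout=3.0):
    """Classify the endpoint as seen from this PC.

    'unreachable'      - TCP connect refused or timed out (the firewall rule
                         is working, or nothing listens there)
    'open'             - port answers, but no analyzer page was recognised
    'analyzer-visible' - the page mentions a spectrum analyzer
    """
    try:
        # A firewall REJECT shows up as a refusal, a DROP as a timeout;
        # both raise OSError.
        with socket.create_connection((host, port), timeout=timeout):
            pass
    except OSError:
        return "unreachable"

    # Bypass any configured HTTP proxy: the modem address is local.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    try:
        with opener.open(f"http://{host}:{port}/", timeout=timeout) as resp:
            body = resp.read(65536).decode("latin-1", "replace")
    except (urllib.error.URLError, http.client.HTTPException, OSError):
        # Connected, but no usable page (auth prompt, reset, odd response).
        return "open"

    # Assumption: the page text contains the word "spectrum", matching the
    # article's "if you see a Spectrum Analyzer".
    return "analyzer-visible" if "spectrum" in body.lower() else "open"


if __name__ == "__main__":
    print(f"http://{MODEM_HOST}:{MODEM_PORT} -> {check_endpoint()}")
```

After adding the block rule, the result should change from `analyzer-visible` or `open` to `unreachable` on every PC behind the firewall.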

https://www.zdnet.com/article/hundreds-of-millions-of-cable-modems-are-vulnerable-to-new-cable-haunt-vulnerability/