
ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

SOLVED
Posted by
Regular Contributor

Member Since: ‎12-19-2013
Posts: 202
Message 1 of 61 (69,127 Views)

ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

A security vulnerability has been reported that affects some models of the popular SURFboard modem line by ARRIS (formerly Motorola).

 

Attackers can exploit a flaw in SB6120, SB6120 and SB6141 model modems running firmware version SB_KOMODO-1.0.6.14 to reboot/reset these modems remotely without authentication, due to the presence of a cross-site request forgery vulnerability.

 

See this article and DSLR forum post for more details:

 

ARRIS (Motorola) SURFboard modem unauthenticated reboot flaw

http://www.securityforrealpeople.com/2016/04/arris-motorola-surfboard-modem.html

 

Some SB61XX modems may be vulnerable to a CSRF attack

https://www.dslreports.com/forum/r30690513-Some-SB61XX-modems-may-be-vulnerable-to-a-CSRF-attack

60 REPLIES
Posted by
Edited on
‎04-15-2016 02:28 PM

Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 2 of 61 (68,978 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

[ Edited ]

I'm checking to see how this vulnerability will be addressed and what the timeline looks like. Thanks for posting!

 

Update 4/12/16: Updated firmware fixing this vulnerability should be available soon. We appreciate everyone's patience while we test the update to ensure it's reliable and safe to push out to the affected modem models.

 

Update 4/15/16: Comcast has temporarily blocked access to the user interface that the firmware vulnerability relies on. We are in contact with ARRIS and working with them to provide a permanent fix. During this time, customers who want to check their signal levels can use Speed Experience. Service issues can be addressed on this Forum, by posting in the appropriate section.


--
John
xfinity.com/experience



I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: Product, Support, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Posted by
Contributor

Member Since: ‎08-28-2012
Posts: 45
Message 3 of 61 (68,782 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I really hope the new firmware does not make it impossible to run an automated script to do reboots.

Due to the CMTS's nasty habit of assigning channels with terrible uncorrectable packet loss, I wrote a cron job that fetches the CM's status & signals page once per minute, then checks SNR and calculates uncorrectable packet loss percentage. If SNR < 29 or packet loss > 2%, it reboots the CM. And eventually I get a set of clean channels. Life has been much more pleasant since I set that up.
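The check described in the post above, sketched as an added example (not the poster's script or any ARRIS/Comcast code). The field names, the per-interval counter deltas, the reboot cooldown and the sample values are assumptions made here; only the SNR < 29 and loss > 2% thresholds come from the post, and the reboot action itself is left to the caller.

```python
from dataclasses import dataclass

SNR_MIN_DB = 29.0    # from the post: act if SNR < 29
LOSS_MAX_PCT = 2.0   # from the post: act if uncorrectable loss > 2%
COOLDOWN_S = 600     # assumption: minimum seconds between reboots


@dataclass(frozen=True)
class ChannelSample:
    """One downstream channel as read from the status page (field names assumed)."""
    channel_id: int
    snr_db: float
    unerrored: int       # codewords received without error
    correctable: int     # codewords repaired by FEC
    uncorrectable: int   # codewords lost

    def counters(self):
        return (self.unerrored, self.correctable, self.uncorrectable)


def loss_pct(cur, prev=None):
    """Uncorrectable codewords as a percentage of all codewords.

    With a previous sample, the percentage covers only the interval between
    the two polls, so old history cannot mask a fresh burst of errors. If any
    counter went backwards (the modem rebooted), the current values are used
    as-is, since they already count from zero.
    """
    now = cur.counters()
    if prev is None or any(c < p for c, p in zip(now, prev.counters())):
        good, fixed, bad = now
    else:
        good, fixed, bad = (c - p for c, p in zip(now, prev.counters()))
    total = good + fixed + bad
    return 0.0 if total == 0 else 100.0 * bad / total


def evaluate(current, previous=()):
    """Return (channel_id, kind, value) for every threshold a channel violates."""
    prev_by_id = {s.channel_id: s for s in previous}
    findings = []
    for s in current:
        if s.snr_db < SNR_MIN_DB:
            findings.append((s.channel_id, "snr", s.snr_db))
        pct = loss_pct(s, prev_by_id.get(s.channel_id))
        if pct > LOSS_MAX_PCT:
            findings.append((s.channel_id, "loss", round(pct, 2)))
    return findings


def should_reboot(findings, now_s, last_reboot_s=None):
    """Reboot only on findings, and never more often than COOLDOWN_S.

    Without the cooldown, a once-per-minute poll would retrigger while the
    modem is still re-registering after the previous reboot.
    """
    if not findings:
        return False
    return last_reboot_s is None or now_s - last_reboot_s >= COOLDOWN_S


# Constructed sample data: two consecutive polls of two channels.
SAMPLE_PREV = [
    ChannelSample(1, 37.0, 1_000_000, 100, 50),
    ChannelSample(2, 36.5, 1_000_000, 200, 1_000),
]
SAMPLE_CUR = [
    ChannelSample(1, 37.1, 1_060_000, 120, 60),
    ChannelSample(2, 28.4, 1_050_000, 900, 3_000),
]

if __name__ == "__main__":
    found = evaluate(SAMPLE_CUR, SAMPLE_PREV)
    for channel_id, kind, value in found:
        print(f"channel {channel_id}: {kind} = {value}")
    print("reboot:", should_reboot(found, now_s=1000, last_reboot_s=None))
```

On the sample data, channel 2's lifetime loss is under 0.3% while its loss over the last interval is about 3.8%, which is why the example compares consecutive polls rather than raw totals.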

Posted by
Regular Contributor

Member Since: ‎12-19-2013
Posts: 202
Message 4 of 61 (68,759 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


shimagnolo wrote:

I really hope the new firmware does not make it impossible to run an automated script to do reboots.

 


Well, this is what it says in the release notes for the new "1.0.6.16-SCM00" version firmware:

 

From: https://www.dslreports.com/forum/r30692718-

 

Posted by
Edited on
‎04-16-2016 05:21 PM

Regular Contributor

Member Since: ‎12-19-2013
Posts: 202
Message 5 of 61 (68,598 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

[ Edited ]

FYI - Comcast has instituted a temporary block of the Admin GUI pages located at 192.168.100.1 on the SB612X and SB6141 modems:

 

From: https://www.dslreports.com/forum/r30702757-

 
said by jfox:

... we have temporarily blocked access to the user interface that the firmware vulnerability relies on.

We are in contact with ARRIS and working with them to provide a permanent fix. During this time, customers who need to check their signal levels can use https://speedexperience.xfinity.com/ , or you can reach out to https://www.dslreports.com/forum/comcastdirect for assistance, if needed.

 

However, users have found that this temporary block can be removed by power cycling the modem.

 

EDIT: There are now reports http://www.dslreports.com/forum/r30704359- that this temporary block gets renewed/pushed out every night in the early hours of the morning.

 

EDIT2: It now appears that this temporary block gets renewed/pushed out a few times a day now: http://www.dslreports.com/forum/r30705010-

Posted by
Visitor

Member Since: ‎04-19-2016
Posts: 1
Message 6 of 61 (68,110 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Hi John, I tried the "Speed Experience" but it does not provide any signal level information.

Posted by
Frequent Visitor

Member Since: ‎12-11-2009
Posts: 13
Message 7 of 61 (68,003 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

And for some of us, it does not test the correct modem. I have a tm602 for phone and a SB6183 for internet; it tests the old 602, reports it as EOLed, and stops there. How do I get it to look and examine the correct modem?

Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 8 of 61 (67,969 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


blackjoe wrote:

Hi John, I tried the "Speed Experience" but it does not provide any signal level information.


Speed Experience will check your signal levels and report back to you if there's a problem during the test (i.e. levels are out of spec). It won't report your actual levels, however a Care agent can review your signal levels if you believe this to be causing an issue with your service.


--
John
xfinity.com/experience



Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 9 of 61 (67,968 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


gwtx wrote:

And for some of us, it does not test the correct modem. I have a tm602 for phone and a SB6183 for internet; it tests the old 602, reports it as EOLed, and stops there. How do I get it to look and examine the correct modem?


Currently, the Speed Experience tool is in beta. I will report your individual experience with it to the team that manages the tool.


--
John
xfinity.com/experience



Posted by
Frequent Visitor

Member Since: ‎06-21-2014
Posts: 10
Message 10 of 61 (67,799 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I would really be interested in that script you have, I have the same problem in my area with ridiculous amounts of packet loss/uncorrectable errors.

Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 11 of 61 (67,685 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Posted by
Regular Contributor

Member Since: ‎12-19-2013
Posts: 202
Message 12 of 61 (67,245 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

FYI - Comcast is currently running a limited soak test of the SB_KOMODO-1.0.6.16-SCM00-NOSH firmware for the SB6120, SB6121 and SB6141 models with a select group of customers:

From: »Re: [Security] Some Moto/ARRIS SB61XX modems may be vulnerable to a CSRF attack

said by jfox:

With regard to the SB firmware update, we are in the process of soak testing firmware for the SB6120, SB6121, and SB6141 models. We're so close to a final release!

 

The new firmware for the SB6183 should be released for its soak test soon:

From: »Re: [Security] Some Moto/ARRIS SB61XX modems may be vulnerable to a CSRF attack

said by jfox:

Soak for the SB6183 is scheduled to start this coming week.

 

Posted by
Edited on
‎04-26-2016 02:57 PM

Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 13 of 61 (78,382 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

[ Edited ]

Update: We plan to push updated firmware for the SB6120, SB6121, and SB6141 modems on Thursday.
Details are still being determined for the testing and release of updated firmware for the SB6183 and SB6190.


--
John
xfinity.com/experience



Posted by
Visitor

Member Since: ‎04-27-2016
Posts: 2
Message 14 of 61 (66,854 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I would like to echo shimagnolo's concern.  I really hope this "fix" does not disable my ability to perform automated reboots of my cable modem.  I use this feature.

Posted by
Edited on
‎04-27-2016 10:22 AM

Visitor

Member Since: ‎04-27-2016
Posts: 1
Message 15 of 61 (66,807 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

[ Edited ]

Hi John,

 

Do you know if there are any plans to make the Speed Experience tool available to Comcast Business customers?

 

And thank you for keeping us in the loop about the fix!

Posted by
Contributor

Member Since: ‎08-28-2012
Posts: 45
Message 16 of 61 (66,638 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I just got the new firmware:

 

- It does indeed bork the scripted reset ability. The reset.htm page is still there, and it will tell you it will reboot in 10 seconds, but actually does nothing.

 

- The hidden cmConfigDataW.htm page is still there for those who were wondering.

 

So it looks like I need to put my networked power switch inline with the CM to restore automated reboots.

Posted by
Regular Contributor

Member Since: ‎12-19-2013
Posts: 202
Message 17 of 61 (66,597 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


shimagnolo wrote:

I just got the new firmware:

 


Yes, Comcast officially went GA today with the new SB_KOMODO-1.0.6.16-SCM00-NOSH firmware:

From: »Re: [Security] Some Moto/ARRIS SB61XX modems may be vulnerable to a CSRF attack

 
said by jfox:

The firmware update for the SB6120, SB6121, and SB6141 has been released to the public today. Also, the soak has started for the SB6183.

Posted by
Visitor

Member Since: ‎04-28-2016
Posts: 2
Message 18 of 61 (66,530 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Received the new SB_KOMODO-1.0.6.16-SCM00-NOSH firmware.

 

hasn't fixed the issue, 3 hours later still getting no access to.... 

The 192.168.100.1 page isn’t working

192.168.100.1 didn’t send any data.

ERR_EMPTY_RESPONSE
 
is this because comcast is still pushing the lock out file???
 
Thanks
Posted by
Contributor

Member Since: ‎08-28-2012
Posts: 45
Message 19 of 61 (66,505 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


___SHADOW___ wrote:

Received the new SB_KOMODO-1.0.6.16-SCM00-NOSH firmware.

 

hasn't fixed the issue, 3 hours later still getting no access to.... 

The 192.168.100.1 page isn’t working

192.168.100.1 didn’t send any data.

ERR_EMPTY_RESPONSE
 
is this because comcast is still pushing the lock out file???
 
Thanks

Yes, they are still borking the web interface, even though they have pushed out the update.

They crippled mine at the usual 1215 time again.

Posted by
Visitor

Member Since: ‎04-28-2016
Posts: 3
Message 20 of 61 (66,488 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Please tell me they aren't going to consider removing the remote reboot a "fix" to the problem. That's just giving a giant middle finger to everyone who uses the feature. At the very least they should allow people the option to choose the "vulnerability" *eye roll* or not.

Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 21 of 61 (66,474 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Good question!

 

I can definitely ask our engineering folks if that's in the works.


--
John
xfinity.com/experience



Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 22 of 61 (66,472 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

If you have a SB6120, SB6121 or SB6141, the GUI lockout has been removed for these models. You might need to power cycle your modem one more time to remove it, if it wasn't removed at the time the updated firmware was pushed.


--
John
xfinity.com/experience



Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 23 of 61 (66,467 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Update 4/28/16: Customers with ARRIS models SB6120, SB6121, and SB6141 should have received updated firmware to patch the CSRF vulnerability and remove the temporary web GUI block from their modem. The updated version of this firmware is SB_KOMODO-1.0.6.16-SCM00-NOSH. If you are still experiencing the effect of the temporary web GUI block, please power cycle your modem to remove it.

 

Customers using the ARRIS SB6183 modem should note that a firmware update is currently being tested and will be released soon after testing is complete.


--
John
xfinity.com/experience



Posted by
Edited on
‎04-28-2016 05:48 PM

Visitor

Member Since: ‎04-28-2016
Posts: 3
Message 24 of 61 (66,460 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

[ Edited ]

The "Reboot cable modem" button is still missing, is this on purpose?

 

This wouldn't even be an issue if the 61xx series modems weren't the only modems on the market with the web GUI reboot feature, otherwise I would just buy another modem and be done with this.

Posted by
Visitor

Member Since: ‎04-28-2016
Posts: 2
Message 25 of 61 (66,440 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

The "Reset to Defaults" Button is also missing???

 

Is this going to be reimplemented in the foreseeable future???

Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 26 of 61 (66,277 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Posted by
Edited on
‎04-29-2016 08:23 AM

Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 27 of 61 (66,278 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

[ Edited ]

The ability to perform a soft reset or a factory reset was restricted in the new firmware. Resetting the modem can still be done one of two ways:

 

1. Disconnecting the power cable for ~ 5-10 seconds and reconnecting.

2. Using the My Account app to reset your modem remotely.

3. Logging into xfinity.com/myaccount and completing the Internet Troubleshooting Assistant.


--
John
xfinity.com/experience



Posted by
Regular Contributor

Member Since: ‎01-11-2007
Posts: 143
Message 28 of 61 (66,265 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

 


ComcastJohnF wrote:

The ability to perform a soft reset or a factory reset was restricted in the new firmware. Resetting the modem can still be done one of two ways:

 

1. Disconnecting the power cable for ~ 5-10 seconds and reconnecting.

2. Using the My Account app to reset your modem remotely.

3. Logging into xfinity.com/myaccount and completing the Internet Troubleshooting Assistant.


How does this make any sense? The ability to reset or go back to factory using my SB6183 is gone. How do you go back to factory??? Who thought this was a good idea?

Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 29 of 61 (66,235 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I believe there should be a pinhole reset you can perform if you need to reset the modem to factory, but I'm not clear under what circumstances a user would need to factory reset their modem?


--
John
xfinity.com/experience



Posted by
Contributor

Member Since: ‎02-15-2015
Posts: 22
Message 30 of 61 (66,214 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I tried a reset as well, could it be a connection at the road? Do I need a tech to come out?
Posted by
Regular Contributor

Member Since: ‎01-11-2007
Posts: 143
Message 31 of 61 (66,189 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


ComcastJohnF wrote:

I believe there should be a pinhole reset you can perform if you need to reset the modem to factory, but I'm not clear under what circumstances a user would need to factory reset their modem?


No pinhole I can see. Why a factory reset? Because you never know.

Posted by
Authorized Vendor

Member Since: ‎05-02-2012
Posts: 1,342
Message 32 of 61 (66,125 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

No pinhole on the SB6183 but you can do this:

 

Have a PC connected via Ethernet.
Unplug the RF cable from the cable modem.
Power reset the cable modem.
Once the “Power” LED comes on solid, and the “Downstream (DS)” LED begins blinking, open a Browser and go to “192.168.100.1”. Once there, go to the “Configuration” page and press the “reset Factory Defaults” button.
Reconnect the RF cable.
Power reset the modem.
-------------------------------------
Network Engineer, IP Engineer, Docsis..; the views expressed on this post are mine and do not necessarily reflect the views of my employer..

Gamer.. Living the dream one catastrophe at a time ..
Posted by
Edited on
‎04-29-2016 06:59 PM

Contributor

Member Since: ‎05-20-2006
Posts: 40
Message 33 of 61 (66,098 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

[ Edited ]

ComcastJohnF wrote:

I believe there should be a pinhole reset you can perform if you need to reset the modem to factory, but I'm not clear under what circumstances a user would need to factory reset their modem?



... and if by chance, I wanted to sell my SB6141 modem (that I paid for!), I guess that without a factory reset ability, I am restricted to selling it to only Comcast customers????? This seems to amount to theft.

Posted by
Regular Contributor

Member Since: ‎01-11-2007
Posts: 143
Message 34 of 61 (66,068 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I have the 6183 and I'm looking at the Configuration page right now, and as of this morning the “reset Factory Defaults” button is gone, as is the reset button.

Posted by
Authorized Vendor

Member Since: ‎05-02-2012
Posts: 1,342
Message 35 of 61 (66,037 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


plummerl wrote:

... and if by chance, I wanted to sell my SB6141 modem (that I paid for!), I guess that without a factory reset ability, I am restricted to selling it to only Comcast customers????? This seems to amount to theft.


The config gets set via the bootfile, so the MSO can set whatever settings they want..  Keep in mind this is a cable modem and only a layer 2 device not much the user can set anyways..

-------------------------------------
Network Engineer, IP Engineer, Docsis..; the views expressed on this post are mine and do not necessarily reflect the views of my employer..

Gamer.. Living the dream one catastrophe at a time ..
Posted by
Connection Expert

Member Since: ‎12-24-2003
Posts: 54,131
Message 36 of 61 (66,033 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Yep Nothing with a layer 2 bridge.



I am not a Comcast employee, I am a paying customer just like you!
I am an XFINITY Forum Expert and I am here to help. For information on the program click here.
We ask that you post publicly so people with similar questions may benefit from the conversation.


Posted by
Contributor

Member Since: ‎06-19-2011
Posts: 20
Message 37 of 61 (65,986 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Just wondering how to clear the log files. I used to reset the defaults and reboot the modem once a week so they wouldn't pile up. Well, since that's no longer an option, how can I clear out those log files ??

Posted by
Contributor

Member Since: ‎08-28-2012
Posts: 45
Message 38 of 61 (65,983 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Hint: read post #32.

The buttons appear on that page when not connected to the CMTS.

Posted by
Regular Contributor

Member Since: ‎01-11-2007
Posts: 143
Message 39 of 61 (65,976 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


ArrisTuska wrote:

No pinhole on the SB6183 but you can do this:

 

Have a PC connected via Ethernet.
Unplug the RF cable from the cable modem.
Power reset the cable modem.
Once the “Power” LED comes on solid, and the “Downstream (DS)” LED begins blinking, open a Browser and go to “192.168.100.1”. Once there, go to the “Configuration” page and press the “reset Factory Defaults” button.
Reconnect the RF cable.
Power reset the modem.

I'll try it that way. thanks

Posted by
Connection Expert

Member Since: ‎12-24-2003
Posts: 54,131
Message 40 of 61 (65,966 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


Thunder1013 wrote:

Just wondering how to clear the log files. I used to reset the defaults and reboot the modem once a week so they wouldn't pile up. Well, since that's no longer an option, how can I clear out those log files ??


When they overflow (which is pretty limited) they overwrite themselves anyway.





Posted by
Regular Contributor

Member Since: ‎01-11-2007
Posts: 143
Message 41 of 61 (65,882 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


ArrisTuska wrote:

No pinhole on the SB6183 but you can do this:

 

Have a PC connected via Ethernet.
Unplug the RF cable from the cable modem.
Power reset the cable modem.
Once the “Power” LED comes on solid, and the “Downstream (DS)” LED begins blinking, open a Browser and go to “192.168.100.1”. Once there, go to the “Configuration” page and press the “reset Factory Defaults” button.
Reconnect the RF cable.
Power reset the modem.

It did work for me. Thanks again. I guess the question is why get rid of those reset buttons.

Posted by
Frequent Visitor

Member Since: ‎12-11-2009
Posts: 13
Message 42 of 61 (65,745 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

3. Logging into xfinity.com/myaccount and completing

 

Tried a reset twice and waited 10 minutes, is it supposed to reboot my 6183?

 

And why factory reset? Isn't it supposed to relearn the connections when factory reset is issued?

 

I'd rather have the old firmware, as a factory reset takes less than 5 minutes, and this only triggers if I visit a web page that has this?

 

And as for the reboot without RF connection, has anyone else noticed you cannot access the modem's webpage if it has no outside connection?

Or is this because I use a router in front of the modem?

Posted by
Regular Contributor

Member Since: ‎01-11-2007
Posts: 143
Message 43 of 61 (65,711 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


gwtx wrote:

3. Logging into xfinity.com/myaccount and completing

 

Tried a reset twice and waited 10 minutes, is it supposed to reboot my 6183?

 

And why factory reset? Isn't it supposed to relearn the connections when factory reset is issued?

 

I'd rather have the old firmware, as a factory reset takes less than 5 minutes, and this only triggers if I visit a web page that has this?

 

And as for the reboot without RF connection, has anyone else noticed you cannot access the modem's webpage if it has no outside connection?

Or is this because I use a router in front of the modem?


I had to do it twice but the webpage did come up. I was still connected to my router.

Posted by
Contributor

Member Since: ‎08-28-2012
Posts: 45
Message 44 of 61 (65,694 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


gwtx wrote:

3. Logging into xfinity.com/myaccount and completing

 

Tried a reset twice and waited 10 minutes, is it supposed to reboot my 6183?

 

And why factory reset? Isn't it supposed to relearn the connections when factory reset is issued?

 

I'd rather have the old firmware, as a factory reset takes less than 5 minutes, and this only triggers if I visit a web page that has this?

 

And as for the reboot without RF connection, has anyone else noticed you cannot access the modem's webpage if it has no outside connection?

Or is this because I use a router in front of the modem?


I had issues with sometimes being unable to reach the web page.

They were solved by putting a static ARP entry in the router for the CM.

Posted by
Authorized Vendor

Member Since: ‎05-02-2012
Posts: 1,342
Message 45 of 61 (65,646 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


gwtx wrote:

Or is this because I use a router in front of the modem?


yep I would guess your router had a problem with it.. 

-------------------------------------
Network Engineer, IP Engineer, Docsis..; the views expressed on this post are mine and do not necessarily reflect the views of my employer..

Gamer.. Living the dream one catastrophe at a time ..
Posted by
Frequent Visitor

Member Since: ‎12-11-2009
Posts: 13
Message 46 of 61 (65,538 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


ArrisTuska wrote:

gwtx wrote:

Or is this because I use a router in front of the modem?


yep I would guess your router had a problem with it.. 


Let's see. XP & Win7, 3 modems (6121, 6141, 6183), with Linksys, Netgear, and OpenWRT routers (2 major revisions), yep sounds like a router issue

Possible it's a routing issue, I haven't traced the routing under these conditions

Posted by
Regular Contributor

Member Since: ‎12-19-2013
Posts: 202
Message 47 of 61 (64,553 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability


ComcastJohnF wrote:

Update 4/28/16:

Customers using the ARRIS SB6183 modem should note that a firmware update is currently being tested and will be released soon after testing is complete.


FYI - From: https://www.dslreports.com/forum/r30740613-

 

said by jfox (aka "ComcastJohnF"):

The firmware update for the SB6183 is scheduled for GA tomorrow, 5/5.

 
Posted by
Contributor

Member Since: ‎06-02-2014
Posts: 23
Message 48 of 61 (64,536 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I power cycled my SB6141 cable modem a couple of days ago. I saw that new firmware was downloaded. Right afterwards, I was able to access the diagnostic page in my web browser.

 

But I just tried it again and I am back to the "Cannot Open Page" error message. I thought this block was supposed to be removed after the new firmware was installed?

Posted by
Official Employee

Member Since: ‎03-08-2013
Posts: 275
Message 49 of 61 (64,462 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

Update 5/5/16: Customers with ARRIS model SB6183 should have received updated firmware to patch the CSRF vulnerability and remove the temporary web GUI block from their modem. The updated version of this firmware is D30CM-OSPREY-1.5.2.3-GA-01-NOSH-NNDMN. If you are still experiencing the effect of the temporary web GUI block, please power cycle your modem to remove it.


--
John
xfinity.com/experience



I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: Product, Support, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Posted by
Visitor
Member Since: ‎05-05-2016
Posts: 2
Message 50 of 61 (64,437 Views)

Re: ARRIS/Motorola SB612X and SB6141 modem unauthenticated remote reboot vulnerability

I'm another user who needs to be able to programmatically reset my modem. Fixing a bug by eliminating features is amateur hour. Put a login/password on it for Pete's sake. Now I have to go find another modem. Thanks Comcast!
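
The following is an added illustration, not part of any forum post and not ARRIS firmware code: a sketch of how a device web UI could keep its reboot and factory-reset actions while refusing the cross-site requests this thread is about. The paths, the `Session` class and the `authorize` function are hypothetical; only the 192.168.100.1 address comes from the thread.

```python
import hashlib
import hmac
import secrets

DEVICE_ORIGIN = "http://192.168.100.1"  # modem UI address mentioned in the thread
# Hypothetical paths for the state-changing actions (not taken from the firmware).
STATE_CHANGING = {"/admin/reboot", "/admin/factory-reset"}


class Session:
    """Server-side session created after a successful login (hypothetical)."""

    def __init__(self):
        self.key = secrets.token_bytes(32)

    def csrf_token(self, path):
        # The token is bound to this session and to the one action it authorizes.
        return hmac.new(self.key, path.encode(), hashlib.sha256).hexdigest()


def authorize(method, path, headers, form, session):
    """Return (allowed, reason) for one request to the device UI."""
    if path not in STATE_CHANGING:
        return True, "read-only page"
    if method != "POST":
        # A GET can be issued by an image or link embedded in any web page.
        return False, "state change requires POST"
    if session is None:
        return False, "not logged in"
    # Assumption: the browser sends Origin on POST; a missing header is rejected.
    if headers.get("Origin", "") != DEVICE_ORIGIN:
        return False, "cross-site origin"
    expected = session.csrf_token(path).encode()
    supplied = form.get("csrf_token", "").encode()
    # Constant-time comparison so the token cannot be guessed byte by byte.
    if not hmac.compare_digest(supplied, expected):
        return False, "bad CSRF token"
    return True, "ok"
```

A script on the local network can still reset the device by logging in, fetching the token from the UI and posting it back, while a page on another site cannot read that token.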