Visitor
•
2 Messages
Xfinity Modem log4j vulnerability
I'm looking for information regarding the active exploit for Log4J in the wild. Are the Xfinity modems vulnerable to this exploit CVE 2021-44228. Any system/device using the Apache web service with Log4J would be vulnerable to it.
EG
Expert
•
93.6K Messages
Hace 5 m
Concern moved here to the Customer Service help section for greater exposure to actual Comcast corporate employees (The Digital Care Team) for assistance.
5
0
thatjerseydude
Regular Visitor
•
10 Messages
Hace 5 m
+1 here. Has anyone heard from them whether the routers are vulnerable(likelihood is very high due to the use of Java and likely apache) and if an update has come out?
0
user_c27fdf
Visitor
•
4 Messages
Hace 5 m
What is Log4J?
With the continuous coverage, it is pretty certain by now every 5th grader knows what Log4Shell is but just in case you missed the news, it is a recently discovered vulnerability in a ubiquitous Java logging framework LOG4J. The vulnerability has been given a CVSS Score of 10, making it the most serious of discovered flaws. Xfinity please provide us some feedback on this.
0
JC123456789
Regular Visitor
•
9 Messages
Hace 5 m
@Xfinity Support I sent a direct message and did not receive any reply. Can someone please confirm whether or not Xfinity owned routers are vulnerable to Log4j? It affects devices that run on apache.
0
0
Again
Expert
•
27.4K Messages
Hace 5 m
@JC123456789 If you did not make a post about the issue and sent a DM without specifically being asked to, your DM may be ignored. It is against the Forum Guidelines and the Acceptable Use Policy to send unsolicited DMs.
0
JC123456789
Regular Visitor
•
9 Messages
Hace 5 m
They did answer. And said that there is no known vulnerability on Xfinity rented equipment. So as far as I can tell it is ok.
1
0
XfinityMikeB
Official Employee
•
635 Messages
Hace 5 m
Hi there! We are aware of the issue are keeping an eye on it!
2
0