Visitor
•
2 Messages
Xfinity Modem log4j vulnerability
I'm looking for information regarding the active exploit for Log4J in the wild. Are the Xfinity modems vulnerable to this exploit CVE 2021-44228. Any system/device using the Apache web service with Log4J would be vulnerable to it.
EG
Expert
•
107.2K Messages
3 years ago
Concern moved here to the Customer Service help section for greater exposure to actual Comcast corporate employees (The Digital Care Team) for assistance.
5
0
thatjerseydude
Regular Visitor
•
10 Messages
3 years ago
+1 here. Has anyone heard from them whether the routers are vulnerable(likelihood is very high due to the use of Java and likely apache) and if an update has come out?
0
user_c27fdf
Visitor
•
4 Messages
3 years ago
What is Log4J?
With the continuous coverage, it is pretty certain by now every 5th grader knows what Log4Shell is but just in case you missed the news, it is a recently discovered vulnerability in a ubiquitous Java logging framework LOG4J. The vulnerability has been given a CVSS Score of 10, making it the most serious of discovered flaws. Xfinity please provide us some feedback on this.
0
JC123456789
Regular Visitor
•
9 Messages
3 years ago
@Xfinity Support I sent a direct message and did not receive any reply. Can someone please confirm whether or not Xfinity owned routers are vulnerable to Log4j? It affects devices that run on apache.
0
0
Again
Expert
•
31K Messages
3 years ago
@JC123456789 If you did not make a post about the issue and sent a DM without specifically being asked to, your DM may be ignored. It is against the Forum Guidelines and the Acceptable Use Policy to send unsolicited DMs.
0
JC123456789
Regular Visitor
•
9 Messages
3 years ago
They did answer. And said that there is no known vulnerability on Xfinity rented equipment. So as far as I can tell it is ok.
1
0
CCMike1
Official Employee
•
933 Messages
3 years ago
Hi there! We are aware of the issue are keeping an eye on it!
2
0