Community Forum

CGM4140COM dnsmasq CRITICAL SECURITY FLAW / Vulnerability

Hi Folks,

There appears to be a significant security flaw in Comcast's latest Internet Router with XFi, the CGM4140. According to Google, Avast and CVE, this issue was found in October 2017, but Comcast has failed to update or push the fix.

Impact: Any device connected to your network, including computers, phones, tablets, printers, security cameras, or any other networked device in your home or office network, may have an increased risk of compromise.

Recommendation: To solve the vulnerability on your device, apply the firmware or system update that contains DnsMasq software version 2.78 or higher provided by your device's manufacturer.

Since Comcast customers do not have the ability to apply firmware updates, we are at the mercy of the vendor.

The affected device's DNS service is running an outdated version of the DnsMasq software which is known to have a heap buffer overflow vulnerability. A remote attacker can gain control of your network device and your Internet connection.
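One way to check the "2.78 or higher" recommendation against your own gateway, as an added example that is not part of the original post or of any vendor tooling: build a CHAOS-class TXT query for `version.bind`, parse the reply, and compare the reported dnsmasq version. It assumes the router's resolver answers that query with a banner of the form `dnsmasq-X.Y`; all function names are hypothetical and the sample reply is constructed.

```python
import re
import struct

FIXED = (2, 78)  # the post's recommendation: dnsmasq 2.78 or higher

def build_version_query(txid=0x1234):
    """DNS query for TXT version.bind in the CHAOS class."""
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p for p in (b"version", b"bind")) + b"\x00"
    return header + qname + struct.pack(">HH", 16, 3)  # QTYPE=TXT, QCLASS=CH

def _skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:  # compression pointer: 2 bytes, ends the name
            return off + 2
        if n == 0:
            return off + 1
        off += 1 + n

def parse_version_reply(msg):
    """Return the first TXT string in the answer section, or None."""
    qd, an = struct.unpack(">HH", msg[4:8])
    off = 12
    for _ in range(qd):  # skip each question: name + QTYPE + QCLASS
        off = _skip_name(msg, off) + 4
    for _ in range(an):
        off = _skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if rtype == 16 and rdlen > 0:  # TXT rdata: length-prefixed string
            slen = msg[off]
            return msg[off + 1:off + 1 + slen].decode("ascii", "replace")
        off += rdlen
    return None

def is_patched(banner):
    """True/False for a dnsmasq banner, None if it is not recognisable."""
    m = re.match(r"dnsmasq-(\d+)\.(\d+)", banner or "")
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2))) >= FIXED

def constructed_reply(banner):
    """Constructed sample reply (not captured from a real device)."""
    hdr = struct.pack(">HHHHHH", 0x1234, 0x8580, 1, 1, 0, 0)
    txt = bytes([len(banner)]) + banner.encode()
    rr = b"\xc0\x0c" + struct.pack(">HHIH", 16, 3, 0, len(txt)) + txt
    return hdr + build_version_query()[12:] + rr
```

To run it against a real gateway, send `build_version_query()` over UDP to port 53 of the router's LAN address and pass the datagram you receive to `parse_version_reply`. A vendor can hide the banner or backport a fix without changing the version string, so treat the result as an indication rather than proof.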