Xfinity Forum Archive...
This is an archived section of the community.
The exploit itself: https://www.exploit-db.com/exploits/40982/
And, in a way more importantly, here are details on an exploit via a CVE database: https://www.cvedetails.com/cve/CVE-2016-7454/
Again CVE-2016-7454 .. also note http://www.cvedetails.com/cve/CVE-2016-1325/
The first one's description is 'SSRF vulnerability on Technicolor TC dpc3941T (formerly Cisco dpc3941T) devices with firmware dpc3941-P20-18-v303r20421733-160413a-CMCST allows an attacker to change the Wi-Fi password, open the remote management interface, or reset the router.'
NIST even regards 1325 which targets the DPC3941 as a 7.5 out of 10 threat. https://nvd.nist.gov/vuln/detail/CVE-2016-1325
And the first of the two as an 8 out of 10. https://nvd.nist.gov/vuln/detail/CVE-2016-7454
I say these units all must be replaced with units which at the least lack any published CVEs unresolved, not fixed, with a severity above a 2 or 3. There should be a reasonable policy on this. If you have one of these units, you should definitely ask it be replaced by another newer model if possible. Any thoughts on my opinions appreciated, and if level 2/3 techs and so forth want to prove me wrong, I'm fine with that too.
Concern moved here from home networking for greater exposure / escalation to actual Comcast employees.
I've asked a Comcast employee to help you. You should expect a reply soon.
Hi Chris1988 -- Thank you for bringing this to our attention and for sharing your thoughts about these devices. To be clear, any recall of these devices is not something we would decide on as we are not the manufacturer. The manufacturer would need to determine if there is a larger issue present that would require all these units to be pulled for further diagnostics.