Community Forum

FIrmware update for Arris router

New Poster

FIrmware update for Arris router

Are there any plans to update the firmware on the Arris modem/router to deal with the DnsMasq heap buffer overflow vulnerability?  It need to be updated to version 2.78 of DnsMasq that was release in October 2017 to correct this vulnerability.

New Poster

Re: FIrmware update for Arris router

Sad.  But something happened in the last 2 weeks to make my virus protection alert me that there was a problem with the router. 

Sadder still, when i call infinaty they knew nothing about this and had never heard of DnsMasq heap buffer overflow vulnerability.

New Poster

Re: FIrmware update for Arris router

virus alert from avast and comcast.pnganother virus alert.pnganother virus alert.png 2.png


@DrWhofirst w

@DrWhofirst wrote:

Sad.  But something happened in the last 2 weeks to make my virus protection alert me that there was a problem with the router. 

Sadder still, when i call infinaty they knew nothing about this and had never heard of DnsMasq heap buffer overflow vulnerability.

My sentiments exactly!  Smiley Sad
I've been experiencing incidents at which point i would turn on my computer and i literally would attempt to go on any website and it said, "that there seems to be a connection issue".
Then whenever i would attempt to trouble shoot that alleged "connection issue", it says that "there are no issues found"...
What makes this even stranger is that when i would check my "Arris xfinity router/modem" all the lights were flashing normally as if i had no connection issues.... 
Typically, how i would resolve that issue would be that:

 

  • i would restart my p.c and then attempt to login to a website again, and then there would be no further connection issues.
  • I would disconnect and reconnect my cable wire from the modem 
  • I would call the xfinity customer service phone number and have the BOT send me a refresh signal 


But whats even more bizzare is that this very same issue has happened to me, recently, on multiple occasions. 
Specifically, whenever im away from the computer for a couple of days and whenever i attempt to connect to websites, the issue happens all over again. 
Thats what prompted me to do a scan on my computer using avast anti-virus.
Thus, to my suprise, i was astonished that one critical issue was this "dnsmasq software version 2.78"  needs to be updated. Unfortunately, everyone seems to be at the whim of xfinity to get this Important issue resolved.
Hopefully this thread get's viewed by the technical staff over at xfinity. 
This is serious!Cat Indifferent




 

Silver Problem Solver

Re: FIrmware update for Arris router

Did you google "dnsmasq software version 2.78"?

I am not a Comcast Employee.
I am just a customer, volunteering my time to help other customers here in the Forums.
Was your question answered? Mark the post as best answer!
Expert

Re: FIrmware update for Arris router


@RobertWy wrote:

Did you google "dnsmasq software version 2.78"?


Only Comcast can update the firmware loads in combo gateway devices.



I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
New Poster

Re: FIrmware update for Arris router

 

Good Afternoon!

Thank you for the Prompt reply!

Did you google "dnsmasq software version 2.78"?

Yes, i have and i've bulleted the webpages below:

But, My concern is, on the sites on the above aforementioned,

it states that "dnsmasq software versions 2.77" or below are malicious.
So, Does anyone here recommend downloading the "dnsmasq software version 2.78"? is it safe?

or
Is this an issue that comcast/xfinity deal's with directly?

also
Does this mean that i'm not on a secure connection network? 

* I'm fairly not that familiar with issues like these....

the only reason i even looked into this was after my anti-virus scan. *Cat Surprised

New Poster

Re: FIrmware update for Arris router

I have run into this issue as well, but this may not be the only issue at stake. I realize I should probably open another thread for this...
While on the phone with tech support, I was told that I can access the router settings myself (tech support was trying to tell me that to solve this, all i needed to do was set my firewall to a higher security...). I had just switched over from ATT. ATT doesn't give you access to their router.
Not only did i have access, but the router still had the default username and password. ANYBODY could have accessed my router. Not sure, bit I think this is as big an issue as the firmware update.
Expert

Re: FIrmware update for Arris router

Ok, let me address the issue:

 

The Comcast gateways are not vulnerable to the exploit:

 

The attacker must be able to receive forwarded DNS queries from the victim device or control the DNS responses of the queried domain. The responses will contain the exploit. It’s an unusual scenario because the attacker must be able to configure the devices running Dnsmasq so that a device also under the attacker’s control can receive the queries.

 

Since you can't either compromise the Comcast DNS server, or access the gateway remotely to intercept the DNS inquiries or change the DNS settings, the gateways are secure from the attack. 

 

2. Comcast gateways ship with a default admin username and password to log in locally to manage the gateway. You're supposed to change the default password once you activate it. Even if you don't, the likelihood of attack isn't very high as the attacker would have to be inside your network to begin with via ethernet or wifi, and if that happens, there's not much you can do to mitigate an attack.

 

In any event, this thread is almost a year old, and I'm closing it. Any further issues should be addressed in a different thread. 

 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!