An independent developer has discovered a glaring vulnerability in certain cable modems on Time Warner/Road Runner cable networks. Wired says that 65,000 customers have the affected device.
The SMC8014 is a combination cable
Once on the network and in the web-based admin tool Chen realized that access to admin features was blocked with JavaScript. By disabling JavaScript in the browser he had clear access to them, including the ability to download a backup of the configuration which had the admin user name and password stored in plain text.
But wait, there's more: Chen says that the admin interface is available remotely across the Internet, meaning that by doing a port scan on Time Warner networks an attacker can find users running these devices and take over their networks from the comfort of his local Starbucks or public library.
Once an attacker is in and can change settings in the modem/router, he can change the DNS settings to point to a malicious host, opening users on the network to malware and phishing attacks. He can also eavesdrop on communications or use the router to conduct attacks on other systems. Chen says that he contacted Time Warner about the problem and they said there was nothing they could do about it.
Hat tip to ZDNet.