NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

brycewade's avatar
brycewade
Follower
Jan 13, 2020

Firmware upgrade for Cable Haunt vulnerability on CM1000?

With the recent announcment of the Cable Haunt vulnerability (see https://cablehaunt.com/) and the inclusion of the CM1000 modem on the list of affected devices, is there an updated firmware availabl...
linuxnutt's avatar
linuxnutt
Aspirant
Jan 18, 2020

Just a quick question in connecting to CM500 "spectrum" web screen/page at http://192.168.100.1:8080 typically is there a default password to connect as I've changed my admin password from the unsecure user "admin" and "password" credentilas to a more secure one. Yet when I try to use the default password or my changed admin password to connect http://192.168.100.1:8080 I'm not able to connect. 

 

In addition I'll add here for Linux firewall users how to block access to your cablemodem using null routes to blackhole the 192.168.100.1 IP. I spend a long minute trying to find this solution ( :-) ) and its really very easy you don't need to add an iptable rule to your firewall.

My network setup: Internet--ISP--Cable Modem--Smoothwall Firewall--Internal Network. On the firewall add a null route to blackhole the cable modem ip address (192.168.100.1). Here is a reference for specific how to setup and remove details - nixcraft, "How Do I Drop or Black Attackers IP Address with Null Routes on a Linux", https://www.cyberciti.biz/tips/how-do-i-drop-or-block-attackers-ip-with-null-routes.html. I've done it and the cable modem access from the internal network is blocked. This should help until Broadcom, Modem manafactures and your ISP come up with a firmware fix for Cable Haunt. If you need to reconnect to the cable modem for some reason simple remove the null route block.

 

FURRYe38's avatar
FURRYe38
Guru - Experienced User
Jan 18, 2020

I've changed the PW on my CM1100 and I can still access the analyzer page using the PW I set for the modems main web page. 

linuxnutt wrote:

Just a quick question in connecting to CM500 "spectrum" web screen/page at http://192.168.100.1:8080 typically is there a default password to connect as I've changed my admin password from the unsecure user "admin" and "password" credentilas to a more secure one. Yet when I try to use the default password or my changed admin password to connect http://192.168.100.1:8080 I'm not able to connect. 

 

In addition I'll add here for Linux firewall users how to block access to your cablemodem using null routes to blackhole the 192.168.100.1 IP. I spend a long minute trying to find this solution ( :-) ) and its really very easy you don't need to add an iptable rule to your firewall.

My network setup: Internet--ISP--Cable Modem--Smoothwall Firewall--Internal Network. On the firewall add a null route to blackhole the cable modem ip address (192.168.100.1). Here is a reference for specific how to setup and remove details - nixcraft, "How Do I Drop or Black Attackers IP Address with Null Routes on a Linux", https://www.cyberciti.biz/tips/how-do-i-drop-or-block-attackers-ip-with-null-routes.html. I've done it and the cable modem access from the internal network is blocked. This should help until Broadcom, Modem manafactures and your ISP come up with a firmware fix for Cable Haunt. If you need to reconnect to the cable modem for some reason simple remove the null route block.