Re: CAX80 security vulnerabilities

f you are a NETGEAR customer with a security-related support concern, you can contact NETGEAR customer support at techsupport.security@netgear.com. 

For all other issues, visit http://www.netgear.com/about/security

The user loaded FW is ONLY for the router portion of the modem. ISPs are still responsible for testing and pushing modem FW to user modems. Users can not update the modem FW. Be aware that some ISPs will not update modem FW on user owned modems. You'll need to consult with the ISP regarding this. 

Seems you may have read partial information. You *can* update the router side of this device only. Cable modem firmware is only updateable by the ISP per DOCSIS 3.1.

I have not been able to find any information on whether the CAX80 is affected by Cable Haunt. This is a pretty serious vulnerability. Has anyone contacted Netgear or their ISP providers regarding this flaw in their cable modems?

Thanks.

You might contact your ISP and see. Might check DSLReports.com as well. Though I haven't see much regarding that there. Only one item was the intel chip set problem found on Intel based modems years ago. This Cable haunt is two years old. Haven't seen much or any activity on it. I've had my CAX80 online for a couple of years. Recently put it back online in modem mode.

Cable Haunt is 2yrs old - but not that old to have nothing on the web regarding the ISP providers & modem manufacturers response to it. At the very least I expected the companies to address the vulnerability with a firmware version that has the fix. 

Otherwise, sounds like a good piece of hardware.