Web GUI Password Recovery and Exposure Security Vulnerability

Th

---

TheEther wrote:

hawki, it's not clear to me what you are seeing when you attempt to log into the C6300.  It should look like this (complements of setuprouter.com):

 

 Then you should click on the Advanced tab at the top, then Administration on the side and finally Set Password, similar to this:

 

As far as firmware upgrades is concerned, the C6300 is a cable router modem.  It is frequently the case for such devices that firmware upgrades are available only through your ISP.  If the C6300 is not officially supported by your ISP, then you are outta luck.  :smileysad:

 

That is what I see. When I go to the set password page there is NO box to check to "Enable PW Recovery when I go to the set password page. I will check with my ISP. Cox has two categories of compatible modems: 1) Cox Preferred Devices; 2) Additional Cox Recommended DOCSIS 3.0 Devices. My C6300 falls under category 2. My modem works fine and delivers more than my guaranteed 100Mbps - It gives me 130Mbps

 

I will check with Cox, but I doubt they will have a firmware update. In the past all my firmware updates have been downloaded from Netgear after a pop-up appears asking me if I want the upgrade. But firmware squirmware - why do I not have the box to enable PW recovery? Is that something new?

 

Windows also searched The Net for a firmware update and said I had the latest as does my Genie.

 

Weird - so now I don't know if I have the vulnerability or not.

 

Thanks again for your taking the time to try to help :-)

 

hawkeye