Reply

Re: Anyone know if the R7000 has the backdoor?

njourdain
Aspirant

Anyone know if the R7000 has the backdoor?

Just saw this story on arstechnica.

http://arstechnica.com/security/2014/04/easter-egg-dsl-router-patch-merely-hides-backdoor-instead-of...

Does anyone know if the R7000 is affected or it really is just dsl routers?
Message 1 of 3
Retired_Member
Not applicable

Re: Anyone know if the R7000 has the backdoor?

I just skimmed the article and it seems to me that it would be unlikely that the R7000 would be affected.

The vulnerability affects broadband access devices using a chipset designed by Sercomm. The R7000 uses an SoC designed by Broadcom.

It seems to be isolated to DSL modems, which of course the R7000 is not.

Finally, the backdoor seems to have been implemented to remotely manage/upgrade these devices. It seems that it might be a "feature" that Sercomm implemented to appeal to service providers, who often buy these types of devices in bulk.

Just to be sure, I port scanned my R7000 on the associated port. It's in stealth mode.
Message 2 of 3
RogerSC
Virtuoso

Re: Anyone know if the R7000 has the backdoor?

Okay, my impression of this is that you have to have the DSL piece with the chipset in question. This applies to dsl gateways, or "dsl routers", where you have the dsl modem combined with a router.

I'm pretty sure that the R7000 is not included in this.

That isn't to say that there couldn't be other backdoors in the R7000...NSA, can you hear me now?
Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 7524 views
  • 0 kudos
  • 3 in conversation
Announcements

Orbi WiFi 6E