404 Tech Support

Where IT Help is Found

You are here: Home / Articles / Hardware, Gadgets, and Products / Popular ARRIS (formerly Motorola) SURFboard 6141 cable modem vulnerable to unwanted reboots

Popular ARRIS (formerly Motorola) SURFboard 6141 cable modem vulnerable to unwanted reboots

For those with cable Internet providers like Comcast, Mediacom, Time Warner Cable, and others, there is a common cost savings method of buying your own cable modem. One of the most popular modems to buy is the ARRIS SURFboard 6141 cable modem. As it only costs $70 on Amazon.com, it can pay for itself in less than a year with a monthly rental of $5.99 or higher from the ISPs.

To kick off the month of April, security researcher David Longenecker disclosed a vulnerability in the SB6141 cable modem and later confirmed its existence in the old SB6121 and even older 5100 models. The problem lies in the fact that you can access the modem’s firmware web interface by simply visiting the website at 192.168.100.1 with no authentication required. This can be helpful to show the status and diagnostic information if you are having problems with your cable company.

surfboard_modem

Compounding this situation and making it even easier to be an annoyance, there is a page on the modem that will trigger it reboot. This means your Internet connectivity will be lost for a few minutes until the modem reconnects. The URL is simply 192.168.100.1/reset.htm and a simple visit to the page will start the reboot. If you can get a person to click the link, their modem will be rebooted. This is a more annoying form of a reboot. However, you can make this even more direct by declaring the link as the source for an image. The victim’s browser will try to load the page and the simple request to that page will trigger the reboot.

<img src=”http://192.168.100.1/reset.htm”>

This is the proof-of-concept in place at RebootMyModem.net, which you may visit if you have a different modem/connection or are willing to have your modem reboot. A rogue website or even ad network could deploy this concept to disrupt millions of Internet connections regularly.

To make things even worse, there is another page that will perform a full reset of your modem. This can take up to 30 minutes to reconnect to the Internet or may require a call to the ISP in order to reinitialize the modem to your account. That URL is: http://192.168.100.1/cmConfigData.htm?BUTTON_INPUT1=Reset+All+Defaults

Unfortunately, the 135 million consumers that have this modem are at the mercy of our ISPs. ARRIS does not provide firmware updates directly to consumers. Instead ISPs provide the firmware updates to our modems and many have a policy of not updating the firmware on consumer-owned modems. My SB6141 with Mediacom has a Firmware Build Time of May 6 2013 17:53:59. ARRIS has reportedly told a few media outlets that they are working with ISPs to release a firmware update to address this.

sb6141_cablemodem

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Follow Us

Recent Posts

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.