To fix this flaw, Nomotion recommends browsing to IP address 192.168.1.254 on a desktop web browser while connected to the local network. Combining Vulnerability 5 with known IoT vulnerabilities could lead to attacks on your smart TV, thermostat, door locks, refrigerator, etc.
If you're familiar with the security deficiences of the Internet of Things, you'll know that many smart-home devices have little or no protection against attacks coming from within the local network. It gives an attacker direct access to all the devices on a home or small-business network. The firewall bypass, which Nomotion refers to as Vulnerability 5, was likely put there for the use of AT&T support technicians. "There is something terribly wrong with this implementation," said Nomotion in its blog post. (Anything that can connect to the internet has at least one unique MAC address.)
#ROKU MAC ADDRESS ARRIS HOW TO#
MORE: Your Router's Security Stinks: Here's How to Fix ItĮvery Arris network device - modem, router or gateway device, which combines a modem and router - provided by AT&T that Nomotion tested had a secret firewall bypass on port 49152.Īccess was granted by prefacing the device's known MAC address with a secret three-byte code, which a hacker's computer could brute-force in a matter of minutes.
#ROKU MAC ADDRESS ARRIS FULL#
Our requests for comment to both Arris and AT&T were not immediately replied to, but Arris told the Threatpost tech-news blog that it was conducting a full investigation and could not comment further. For the rest, please refer to Nomotion's blog posting. Fortunately, the most widespread flaw is the easiest to fix, and we'll show you how. You can fix all these flaws yourself, although some require technical know-how and software tools. These flaws don't seem to affect the Surfboard line of cable modems that Arris markets directly to consumers, but we've asked Nomotion for clarification.) What You Need to Do Now (Arris took over Motorola's home-networking division a few years ago, and many models may bear either company's brand name.