Last Tuesday, David Chen, an internet startup-founder, published information about the vulnerability in Time Warner’s SMC8014 series cable modem/Wi-Fi router combo, made by SMC. The problem would allow a hacker to remotely access the device’s administrative menu over the internet and potentially change the settings to intercept traffic, making possible all sorts of nefarious activity.
Time Warner acknowledged the problem to Threat Level that day, and said it was testing replacement firmware code from the router manufacturer, which it planned to push out to customers soon. Shortly after Threat Level published a piece about the vulnerability, a Time Warner spokesman Tweeted to Chen that the patch had been deployed and customer routers were now protected.
“Thanks for your post,†wrote spokesman Jeff Simmermon to Chen. “We’ve got a temporary patch in place now while we work on a permanent solution — you should be safe.â€
But according to Chen, the routers have not been fixed. Writing Monday at his blog, chenosaurus.com, Chen said he ran a scan over the weekend and found 500 routers still vulnerable to attack and that he had not found “a single bit of evidence that supports their claims of a ‘temporary patch.’â€
Â
