I don't understand how so many internet connected device's manufacturers don't even <i>think</i> to check if they have an open ports, <i>especially</i> an open SSH port. Or is it that they just don't care? I can't tell anymore.
I'm very interested to get a copy of the said vulnerable firmware to poke around. How can I get one?<p>One use case is for ATT Fiber users to get the 802.1x certificate from the router, and use your own router instead (RouterOS etc.).
Another popular and flawed modem Arris released into the wild is the SB6190. You can easily DoS it: <a href="https://www.dslreports.com/shownews/Puma-6-Flaw-Lets-Attackers-Bog-Down-Impacted-Modems-Gateways-139486" rel="nofollow">https://www.dslreports.com/shownews/Puma-6-Flaw-Lets-Attacke...</a>
> "There’s no way people are not exploiting this in the wild"<p>Hard to disagree there.<p>Does it really usually take 2 months for something like this to get disclosed? Seems like anyone bored enough to run a SYN scan on one of these would find the vulnerable services instantly.