Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User bob_lucas
(learned) Mon 11-Jun-18 10:50:39
Print Post

BT Homehub 6 Vulnerability


[link to this post]
 
My BT broadband connection is Infinity 1 (FTTC). BT supplied a Homehub 6 router in December 2017, with firmware version SG4B1000B540. I believe BT installed that firmware remotely on 5 April 2018.

I use Avast Free Antivirus on my Windows 10 computer. According to Avast, the BT Homehub 6 router has a Unix operating system with a Broadcom chipset.

When I performed a system scan, Avast reported that this router suffers from the DnsMasq heap buffer overflow vulnerability, so it is at risk from attacks from within my network, described at http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-20... and https://security.googleblog.com/2017/10/behind-masq-...

Avast recommends that to address the vulnerability, I should apply a firmware or system update that contains DnsMasq software version 2.78 or higher, which should be provided by my device's manufacturer.

BT provide firmware updates remotely via their network from time to time, so I have no control over that aspect. Furthermore, I don't know whether an update is available for the Homehub 6 router. However, my wireless network is password protected with a strong password, so is this a real risk and should I be concerned?
Standard User flippery
(experienced) Thu 14-Jun-18 07:35:21
Print Post

Re: BT Homehub 6 Vulnerability


[re: bob_lucas] [link to this post]
 
As you have update ending in 540 the problem has been resolved. The avast notification will be corrected later.
Information in bt community forum.
Standard User bob_lucas
(learned) Thu 14-Jun-18 09:21:42
Print Post

Re: BT Homehub 6 Vulnerability


[re: flippery] [link to this post]
 
Thank you.


Register (or login) on our website and you will not see this ad.

  Print Thread

Jump to