POSSIBLE VULNERABILITY: Pace 5268AC Leaves Wifi Radio On With No Security Even When is Set to Off.

@albizu

With a second 5268ac exhibiting the same issue, it sounds like a firmware or software bug in the product. What version are you running?

Thanks @ApexRon. Here's the info:

After 2 frustrating hours on the phone with multiple people on support they decided to send a technician to "look into it". I'll report back on this after their visit today.

Bringing in ATT: @ATTDSLCare

We are at the same hardware version but my software is 10.5.3.527171-att. I also don't use the devices WiFi. Let me include a screen capture:

Thanks, here are some images of my own. Note that this happens only on the 5GHz radio, not on 2.4GHz. 

Control Panel showing all wifi radios off:

Available wireless after turning all wifi off. (Notice the "hidden" wifi network with the BSSID (mac address) ending on 00:28:f6, this is the 5GHz network of my gateway):

After restart, the gateway starts transmitting the SSID and keeps the security off. Nevermind that all wifi radios are still set to "off":

As reference here is the 5GHz network properly configured when it's on (exactly what I don't want). Notice that it's the same BSSID:

I'm having the same issue here.

Until they fix it, I did the following and left the interface enabled to maintain security:

-Since the 5268AC allows assignment to channel 165 (formerly under ISM but now UNII-3), I put it on 165 so it doesn't overlap the channels I use.

-Set the channel width to 20MHz (required for channel 165)

-Changed the SSID so that it doesn't advertise that it is ATT

-I left SSID Broadcast on just to remind me that it is there, but you could turn it off

-Set a random 63 alphanumeric character WiFi passphrase for the SSID

-Disabled Wi-Fi Protected Setup

-Turned the Transmit Power down to 10 (dropped the signal from -40 to -60 dBm when 5 feet from unit).

So at least the signal is weaker, it is not overlapping my channels, and the security is maintained (likely increased with the excessively long passphase)

Curious to know if you have found a solution to this. I am expereincing the same exact problem, except I have had this modem for about 6 months or longer and only started having this issue this morning after losing broadband service forover 6 hours last night. I have never had this problem prior to that.

I just called AT&T support but after conducting some "test", the guy I was speaking with started mentioning that I am using a 3rd party router and the modem does not support this, how I need to open some ports, how he is unable to change wifi settings and etc. I told him that I do not understand how any of that has anything to do with the fact that I have disabled Wifi on the modem but it is still broadcasting an unsecure network, something that this modem has never done before today. He then repeated the same exact story about using a 3rd party router as if I am some sort of dummy. This is very frustrating.

I have done the same thing as you have by enabling the 5ghz band and securing it but I only see this as a temp solution. We need a permenant fix.

I have already sent the dev team a referral on this situation and they are looking in to it.

***UPDATE***

So the dev team was already aware of this and a fix will be released with the next firmware release (still waiting on confirmation of next release date). Also the vulnerability is low as this is only a beaconing issue and clients should not be able to associate.

Can you also comment on whether the dev team is aware and working to fix the issues of the PACE 5268AC not transferring multicast packages from the 2.4 ghz clients to 5 ghz clients or sometimes also from wireless clients to wired clients?  See the reference post below for more on this.

http://www.dslreports.com/forum/r30233637-5031nv-10-5-1-525900-No-multicast-between-wi-fi-and-wired

Also it would be nice if DNS loopback could be added to the firmware.

Thanks,

Brandon