Our Community Forum will be shutting down on June 27, 2024. Please visit att.com/support for all your support needs.
C

New Member

 • 

3 Messages

Sunday, December 19th, 2021 8:33 PM

Log4J exploit

Do I need to do anything to ensure my ATT modem/router is protected against the Log4J exploit that was announced in December 2021?

Accepted Solution

Official Solution

Community Support

 • 

232.9K Messages

3 years ago

Here to help with your gateway inquiry, @cccherald!

 

Any security updates that need to be applied to gateways on our network will be push our by our engineer team accordingly. 

 

Let us know if you have any other questions!

 

CalebP, AT&T Community Specialist 

Community Support

 • 

232.9K Messages

3 years ago

Hello cccherald, that is a great question.

 

What is the make and model of your AT&T modem? This will allow us to get you the correct line of support.

 

Let us know.

 

Thank you for visiting AT&T Community Forums!

 

Carlton, AT&T Community Specialist 

New Member

 • 

3 Messages

3 years ago

Model BGW320-505

thanks.

Community Support

 • 

232.9K Messages

3 years ago

We're here to help regarding keeping your network safe, cccherald!

 

The exploit you are speaking of is only occurring on website hosts and servers, and the way you connect to them. We suggest you only access trusted websites, or use your own internet security to keep yourself safe.

 

Let us know if you have any further questions!

 

Donovan, AT&T Community Specialist

New Member

 • 

2 Messages

3 years ago

Hello, As far as I understand that might not be accurate. Anything running Apache could be vulnerable. If the router is configured to log data from incoming traffic for example and its web server is a flavor of apache with the logging extension at the root of this vulnerability, it could be exploited from this. I have the same question on a BGW320-505

Community Support

 • 

232.9K Messages

3 years ago

Hey there @tdunct,  we want to help.

 

Let’s meet in a Direct Message to discuss your security concern. Please check your Direct Message Inbox (it’s the chat icon next to the bell icon in the upper right corner of the Forums)

 

CalebP, AT&T Community Specialist 

ACE - Expert

 • 

35.9K Messages

3 years ago

The AT&T firmware on the BGW210 and BGW320 series of routers does not allow you to enable public management access.  Thus, were the firmware to be found vulnerable to attack via the log4j issues, it could only be attacked from an actor or agent operating inside your network.  

That having been said, I've seen no evidence that these gateways employ Java in any way.

New Member

 • 

3 Messages

3 years ago

If the BGW320-505 is set up by an AT&T tech, is it configured to update automatically in case there  are security patches provided by AT&T, or does one need to log into the router as administrator to do that?

Not finding what you're looking for?
New to AT&T Community?
New to the AT&T Community? Start by visiting the Community How-To.
New to the AT&T Community?
Visit the Community How-To.