Ask a question

Reply
Posted Oct 5, 2013
12:21:20 PM
View profile
URGENT: Security Hole in U-Verse Gateways

URGENT SECURITY ANNOUNCEMENT

 

AT&T have recently upgraded the firmware in their Residential Gateways for U-Verse subscribers.

 

With this upgrade they now broadcast the WiFi encryption password in plain text for anyone to see without requiring a logon to the gateway.  Anyone connected to your home network can now simply browse to the Gateway (192.168.1.254) and simply read your WiFi password.  

 

So for all those like me regulating who could access my home network with what device, for instance children and their friends etc, can no longer secure their home network if using UVerse.

 

If this hole is not patched within 1 week I recommend leaving UVerse and contacting the FCC who regulate ISP's.

 

 

URGENT: Security Hole in U-Verse Gateways

421 views
3 replies
(0) Me too
(0) Me too
Post reply
View all replies
(3)
Highlighted
0
(0)
  • Rate this reply
View profile
Oct 5, 2013 2:00:02 PM
0
(0)
ACE - Expert
Edited by texasguy37 on Oct 5, 2013 at 2:00:25 PM

nsindy wrote:

 

With this upgrade they now broadcast the WiFi encryption password in plain text for anyone to see without requiring a logon to the gateway.  Anyone connected to your home network can now simply browse to the Gateway (192.168.1.254) and simply read your WiFi password.  

 


That raises the question of how are they able to connect to your network without already knowing the wireless access password?

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: URGENT: Security Hole in U-Verse Gateways

[ Edited ]
2 of 4 (382 Views)
0
(0)
  • Rate this reply
View profile
Oct 5, 2013 4:39:18 PM
0
(0)
ACE - Professor

texasguy37 wrote:

nsindy wrote:

 

With this upgrade they now broadcast the WiFi encryption password in plain text for anyone to see without requiring a logon to the gateway.  Anyone connected to your home network can now simply browse to the Gateway (192.168.1.254) and simply read your WiFi password.  

 


That raises the question of how are they able to connect to your network without already knowing the wireless access password?


^^^^ This

------------------------------------------------------------------------------------------------------------------------------Note: If your issue has been resolved, please mark the post that resolved your issue as the solution. Click "Post Options" and select "Accept as Solution" to help others with the same issue find an answer.
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: URGENT: Security Hole in U-Verse Gateways

3 of 4 (357 Views)
0
(0)
  • Rate this reply
View profile
Oct 5, 2013 7:19:45 PM
0
(0)
ACE - Master

If they are connected to your network then they already have your password.  It's ONLY if they are connected can they see it.

” Auto racing, bull fighting, and mountain climbing are the only real sports … all others are games.”- Ernest Hemingway
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

Re: URGENT: Security Hole in U-Verse Gateways

4 of 4 (340 Views)
Share this post
Share this post