URGENT: Security Hole in U-Verse Gateways

Contributor

URGENT: Security Hole in U-Verse Gateways

URGENT SECURITY ANNOUNCEMENT

 

AT&T have recently upgraded the firmware in their Residential Gateways for U-Verse subscribers.

 

With this upgrade they now broadcast the WiFi encryption password in plain text for anyone to see without requiring a logon to the gateway.  Anyone connected to your home network can now simply browse to the Gateway (192.168.1.254) and simply read your WiFi password.  

 

So for all those like me regulating who could access my home network with what device, for instance children and their friends etc, can no longer secure their home network if using UVerse.

 

If this hole is not patched within 1 week I recommend leaving UVerse and contacting the FCC who regulate ISP's.

 

 

Message 1 of 4 (501 Views)
Expert

Re: URGENT: Security Hole in U-Verse Gateways

[ Edited ]

nsindy wrote:

 

With this upgrade they now broadcast the WiFi encryption password in plain text for anyone to see without requiring a logon to the gateway.  Anyone connected to your home network can now simply browse to the Gateway (192.168.1.254) and simply read your WiFi password.  

 


That raises the question of how are they able to connect to your network without already knowing the wireless access password?

Message 2 of 4 (462 Views)
ACE - Professor

Re: URGENT: Security Hole in U-Verse Gateways


texasguy37 wrote:

nsindy wrote:

 

With this upgrade they now broadcast the WiFi encryption password in plain text for anyone to see without requiring a logon to the gateway.  Anyone connected to your home network can now simply browse to the Gateway (192.168.1.254) and simply read your WiFi password.  

 


That raises the question of how are they able to connect to your network without already knowing the wireless access password?


^^^^ This

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Note: If your issue has been resolved, please mark the post that resolved your issue as the solution. Click "Post Options" and select "Accept as Solution" to help others with the same issue find an answer.
*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 3 of 4 (437 Views)
Highlighted

Re: URGENT: Security Hole in U-Verse Gateways

If they are connected to your network then they already have your password.  It's ONLY if they are connected can they see it.

” Auto racing, bull fighting, and mountain climbing are the only real sports … all others are games.”- Ernest Hemingway
Message 4 of 4 (420 Views)
Share this topic
Announcements

Welcome to the AT&T Community Forums!!! Stop by the Community How-To section for tips on how to get started.