Yes, you read it right. If you lease a Comcast Modem with WiFi, Comcast has been providing the password to your WiFi network in the clear, with only minimal identity management (snippets of your address for example) (therefor granting access to the world); all courtesy of a nasty little overlooked bug in their code. A nearly perfect example of the apparent lack of application security oversight at the company, of which, alludes to systemic and blatant security incompetence.
The company is claiming to have fixed the access issue as of this writing. Question is, what other flaws exist in the company’s deployments? One bright spot to this debacle – currently, customers that supplied their own hardware routers were not among the mutitude of customers affected.
*** This is a Security Bloggers Network syndicated blog from Infosecurity.US authored by Marc Handelman. Read the original post at: https://arstechnica.com/information-technology/2018/05/comcast-bug-made-it-shockingly-easy-to-steal-customers-wi-fi-passwords/