Based on a report by an IT consultant, Paul Moore, the Virgin Media Superhub router/modem combo allows for a seven second window of vulnerability when powered on, where the admin password is exposed.
“After the seven-second window, the router takes the Wi-Fi card offline, enables encryption and brings the card back up,” Moore explains. “That’d be great, if we hadn’t already broadcast the encryption key to everyone nearby.”
The device is manufactured by Netgear and is limited to the VMDG485 hub model, identified as the SuperHub2 by Virgin Media.
“Although the damage potential is high, the chances of it actually happening are low,” Moore elaborates. “It can be exploited with just a browser and the right set of circumstances … but the attacker would need an ideal environment – strong signal, minimal load on the router, etc – for an exploit to be successful.”
“However, with minimal programming and when coupled with other Wi-Fi exploits, the risk and success rate increases dramatically. If deployed as a virus (spreading oer encrypted networks), the user could still be at risk even after the firmware has been patched,” he went on to say.
Moore notified Virgin Media prior to publicly announcing the firmware vulnerability and Virgin Media has already noted a planned firmware fix is in the works via their forums.
If you’re a Virgin Media subscriber and use the SuperHub2, be cautious, change your password, and monitor router activity.