The SMC cable modem and Wi-Fi router combo appliance installed by Time Warner to 65,000 customers has a vulnerability that allows anyone to remotely gain access to and change the configuration of the device. The problem, of course, lies in the fact that this could be taken advantage of by someone with malicious intentions.
Chen tried to use the password on admin panels for other routers of the same series on the Time Warner Network – and it worked! That means that the router is vulnerable (among other things) to redirection of the legitimate user’s browser to a malicious website, or can be an entry point into the user’s home network and allow the hacker to sniff out sensitive data.
Chen notified Time Warner, and they are currently testing the replacement firmware code provided by SMC, which will soon be provided for customers.