CVE-2002-1968

Name of the Vulnerable Software and Affected Versions Com21 DOXport 1100 series cable modem versions 2.1.1.106 through 2.1.1.108.003

Description The issue allows local users to modify the configuration of the modem by setting up a malicious TFTP server on the internal network, which the modem connects to in order to download a DOCSIS configuration file.

Recommendations For versions 2.1.1.106 through 2.1.1.108.003, restrict access to the internal network to prevent malicious TFTP servers from being set up. As a temporary workaround, consider disabling the TFTP client functionality until a patch is available. Avoid using the TFTP protocol for downloading configuration files from untrusted sources until the issue is resolved.