Does this affect their Surboard line? Specifically the SB6141? Its probably the most popular modem for people who don't wanna rent one from their provider.
I like the idea of search metasploit and I'll be making use of it, but the models mentioned in the article aren't in metasploit's database yet either. So while it is a good step, it is not very conclusive.
Doesnt look like it. Likely part of the reasoning is that the 6580 has a full router built in and the 6141 is just a cable modem. I believe they both run different firmwares as well. Also, that 600k number would be in the millions if it effected the 6141- Its standard issue for many ISP's with the higher bandwidth packages now if you dont buy voip.
I bought mine from Target 3 months ago and it still looks like it is running Motorola firmware even though it has an Arris logo stamped on the front of the device.
I discovered a few months ago Comcast is able to push firmware updates to customer owned modems without permission. So even if the backdoor is not present now there is no way to trust it will never be pushed to the devices.
Cable modems are based on a pre-Carterphone philosophy that the modem is an extension of the ISP and is completely owned (and 0wned), configured, updated, etc. by the ISP. They let you buy your own, but that doesn't change the protocol.
Makes sense. If they were to update something in their auth protocol or need to patch a security issue most people wouldn't have the tech chops to update firmware.
[1] https://twitter.com/todb/status/648956328292057088
[2] http://www.rapid7.com/db/search?utf8=%E2%9C%93&q=SB6141&t=a