New Member
•
3 Messages
Log4J exploit
Do I need to do anything to ensure my ATT modem/router is protected against the Log4J exploit that was announced in December 2021?
New Member
•
3 Messages
Do I need to do anything to ensure my ATT modem/router is protected against the Log4J exploit that was announced in December 2021?
Accepted Solution
Official Solution
ATTHelp
Community Support
•
225.8K Messages
2 years ago
Here to help with your gateway inquiry, @cccherald!
Any security updates that need to be applied to gateways on our network will be push our by our engineer team accordingly.
Let us know if you have any other questions!
CalebP, AT&T Community Specialist
0
ATTHelp
Community Support
•
225.8K Messages
2 years ago
Hello cccherald, that is a great question.
What is the make and model of your AT&T modem? This will allow us to get you the correct line of support.
Let us know.
Thank you for visiting AT&T Community Forums!
Carlton, AT&T Community Specialist
0
0
cccherald
New Member
•
3 Messages
2 years ago
Model BGW320-505
thanks.
0
0
ATTHelp
Community Support
•
225.8K Messages
2 years ago
We're here to help regarding keeping your network safe, cccherald!
The exploit you are speaking of is only occurring on website hosts and servers, and the way you connect to them. We suggest you only access trusted websites, or use your own internet security to keep yourself safe.
Let us know if you have any further questions!
Donovan, AT&T Community Specialist
0
0
tdunct
New Member
•
2 Messages
2 years ago
Hello, As far as I understand that might not be accurate. Anything running Apache could be vulnerable. If the router is configured to log data from incoming traffic for example and its web server is a flavor of apache with the logging extension at the root of this vulnerability, it could be exploited from this. I have the same question on a BGW320-505
0
ATTHelp
Community Support
•
225.8K Messages
2 years ago
Hey there @tdunct, we want to help.
Let’s meet in a Direct Message to discuss your security concern. Please check your Direct Message Inbox (it’s the chat icon next to the bell icon in the upper right corner of the Forums)
CalebP, AT&T Community Specialist
0
0
JefferMC
ACE - Expert
•
33.6K Messages
2 years ago
The AT&T firmware on the BGW210 and BGW320 series of routers does not allow you to enable public management access. Thus, were the firmware to be found vulnerable to attack via the log4j issues, it could only be attacked from an actor or agent operating inside your network.
That having been said, I've seen no evidence that these gateways employ Java in any way.
0
0
cccherald
New Member
•
3 Messages
2 years ago
If the BGW320-505 is set up by an AT&T tech, is it configured to update automatically in case there are security patches provided by AT&T, or does one need to log into the router as administrator to do that?
0
0