Accessibility Resource Center
Skip to main content
Shop
Shop
-
Shop all
- Deals Deals
- Devices Devices
-
Accessories
Accessories
Accessories
- Shop all accessories
-
Phone accessories
Phone accessories
Phone accessories
-
Tablet accessories
Tablet accessories
Tablet accessories
-
Watch accessories
Watch accessories
Watch accessories
- Charging
- Audio
- Gaming
- Smart home
- Deals
-
Plans
Plans
Plans
- Shop all plans
- Unlimited
- International services
- Connected devices
-
Those who serve
Those who serve
Those who serve
- Student plans
-
Other plans
Other plans
Other plans
- Bring your own device
- Home Home
- Prepaid Prepaid
-
+play
-
+play
- Entertainment Entertainment
-
Apps & add-ons
Apps & add-ons
Apps & add-ons
-
Business
Why Verizon
Support
Support
Choose your cart
Choose your cart
Have a phone you love? Get up to $500 when you bring your phone. OR get iPhone 13, on us for a limited time. With Select 5G Unlimited plans. Buy now
Receive up to $504 promo credit ($180 w/Welcome Unlimited, $360 w/ 5G Start, or $504 w/5G Do More, 5G Play More, 5G Get More or One Unlimited for iPhone plan (Welcome Unlimited and One Unlimited for iPhone plans can't be mixed w/other Unlimited plans; all lines on the account req'd on respective plans)) when you add a new smartphone line with your own 4G/5G smartphone on an eligible postpaid plan between 2/10/23 and 4/5/23. Promo credit applied over 36 months; promo credits end if eligibility requirements are no longer met.
$699.99 (128 GB only) device payment purchase or full retail purchase w/ new smartphone line on One Unlimited for iPhone (all lines on account req'd on plan), 5G Start, 5G Do More, 5G Play More or 5G Get More plan req'd. Less $699.99 promo credit applied over 36 mos.; promo credit ends if eligibility req’s are no longer met; 0% APR.
end of navigation menu
Sign in
- Verizon Community
- Categories
- Home
- Products
- Home Internet (Fios and High Speed)
- Fios G3100 Router CVE-2021-20090 Flaw
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
985 Members online 255K Discussions 42.3K Solutions
More Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Correct answers are available for this post.
Jump to solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Read that the G3100 with firmware 2.0.0.6 requires an update to address a web access flaw. Anything on when the firmware will be updated? https://www.tomsguide.com/news/arcadyan-router-malware
Solved! Go to Correct Answer
1 Solution
Correct answers
Correct answers are available for this post.
Jump to solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@VerizonFIOS4783 wrote:However, they do not really protect the router
The documented attack leverages on the HTTP service. If the attacker cannot even access the HTTP service (i.e. remote administration disabled), how could the attacker launch an attack?
A new firmware 3.1.0.12 begins rolling out last Tuesday, and will continue to the end of the month.
3 Replies
Correct answers are available for this post.
Jump to solution.
Re: Fios G3100 Router CVE-2021-20090 Flaw
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The firmware update will be pushed automatically over a certain period of time once it is ready.
For now, there are several existing remedies those may address the security vulnerability.
1) WAN Remote Administration over Port 443 is disabled by default. Attackers should not be able to initiate a HTTP request to the router at all. If you have Remote Administration enabled, please disable it in Remote Administration menu under the Advanced settings. The security vulnerability seems to surround the web-based administrative interface. Disable the web admin interface on WAN should be a prime remedy.
2) WAN ICMP Echo and Traceroute over UDP are enabled by default. To keep your router stealth over the Internet, you should disable them as well in the same menu as above.
3) Each device on your network should have a host based firewall enabled in addition to the firewall at your router. Once the router firewall is compromised from attack, host based firewall should start to block attacker's traffic as the second line of defense.
I hope this helps.
Correct answers are available for this post.
Jump to solution.
Re: Fios G3100 Router CVE-2021-20090 Flaw
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The mitigation steps posted by Cang_Houusehold are helpful, thank you. However, they do not really protect the router, and this vulnerability is under active attack. When will Verizon have the firmware update available?
Correct answers are available for this post.
Jump to solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@VerizonFIOS4783 wrote:However, they do not really protect the router
The documented attack leverages on the HTTP service. If the attacker cannot even access the HTTP service (i.e. remote administration disabled), how could the attacker launch an attack?
A new firmware 3.1.0.12 begins rolling out last Tuesday, and will continue to the end of the month.
Follow Verizon
Follow Verizon Fios