Just tried logging into my modem today using secure https instead of standard http, and Firefox tells me that the certificate not only expired in 2013, but was issued in Shanghai, and uses the severely outdated SHA-1 algorithm. I've only had this modem for a few years. The Cisco website says they're based in California, though Comcast claims they have Chinese offices as well. So, anyone know why Comcast would be installing Chinese modems with expired certificates and SHA-1 encryption? If this weren't scary enough, because I'm running a fixed-IP server/router behind the modem, the installers recommended I set the modem firewall to the lowest setting, to allow everything to work properly. Thanks.
Hello, thanks for sharing. I know this activity is concerning. When I test our router interface, I am not getting this message or information. Your best bet is to call our Customer Security Assurance team at 1-888-565-4329 so we can dive into this security concern a little further.
Thanks. I suppose it wouldn't be as concerning if the router control web interface could only be accessed from "behind" the modem. However, I don't think that's the case, as otherwise there wouldn't be "remote access" controls (which I have turned off) available in the menu.
I can entirely understand where you are coming from and we want to ensure that your business is secure. You can also reach out through the website for our security assurance teams https://comca.st/3gNsUjn or you can reach out by phone during the Business Hours: 6:00am - 2:00am EST, 7 days a week Contact #: 1-888-565-4329. We would love to get to the bottom of your certificate concerns and ensure that we get you a secure connection. Our experts here will ensure that we do all that we can to secure all aspects of your business connection.