SERVERCOM (INDIA) PRIVATE LIMITED — 11 prefixes (MA-L)

"SERVERCOM (INDIA) PRIVATE LIMITED" holds 11 MA-L OUI blocks, all registered to E-43/1 Okhla Industrial Area Phase-II, New Delhi, IN. Despite the name, this is not the bare-metal hosting provider Servers.com (Nexcess); it is the New Delhi manufacturing subsidiary of Sercomm Corporation, the Taipei-based telecom-CPE maker incorporated in India on 2 December 2019. The blocks back the kind of equipment Sercomm builds and white-labels for ISPs worldwide: FTTx and broadband home gateways, DSL/FTTH/4G/5G fixed-wireless routers, Wi-Fi mesh extenders, DOCSIS modems, and IoT gateways — devices that typically reach end users as operator-supplied customer-premises equipment rather than under a Servercom-branded retail name. Two caveats matter for any work on this vendor. First, the name collision: "Servers.com" is an entirely separate hosting company with no IEEE OUI registration, and conflating the two is a real data-quality trap. Second, the security posture: Sercomm-family CPE has a documented CVE history, including a reactivatable backdoor in Sercomm-based modems (surfacing across Netgear/Cisco/Diamond-branded hardware), CVE-2021-44080 (authenticated root RCE on the SerComm h500s DSL gateway), and CVE-2025-67113 (unauthenticated OS command injection via the CWMP/ACS client on the SCE4255W) — the recurring-firmware-RCE profile of a widely deployed ISP CPE supplier. As always, the OUI identifies the manufacturer of the silicon/interface, not necessarily the brand on the box.

IEEE assignment

11 prefixes → SERVERCOM (INDIA) PRIVATE LIMITED, registered New Delhi, IN [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv)

Registry / block size

MA-L (24-bit OUI); holds 11 IEEE prefixes (~16.7M addresses each) [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv), corroborated by udger.com / maclookup.app. NOTE: IEEE's public OUI data publishes NO assignment/registration date (oui.csv columns are only Registry, Assignment, Organization Name, Organization Address); the cached registry has no date field. Third-party "first seen" values (e.g. maclookup.app 2020-09-15) are database ingestion artifacts, not IEEE facts.

HQ / country

E-43/1 Okhla Industrial Area Phase-II, New Delhi, South Delhi, IN [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv). One block (A8:DA:0C) carries postal code 110001; the other 10 list "NA". A second corporate address appears in filings: B1/H3 Mohan Co-operative Industrial Area, Mathura Road, New Delhi 110044 [Likely] — tofler.in / udger.com

Company status

active; private subsidiary of a foreign company, incorporated 2 December 2019, CIN U31109DL2019FTC358249 [Confirmed] — tofler.in

Parent company

Sercomm Corporation (Taipei, Taiwan; founded 1992); a listed director (Wei Wang) is consistent with a Sercomm subsidiary [Confirmed] — tofler.in, tracxn.com, sercomm.com

Device types

telecom CPE / broadband networking — FTTx gateways, DSL/FTTH/4G/5G home routers, Wi-Fi mesh extenders/repeaters, DOCSIS modems, IP streamers, IoT gateways, enterprise Wi-Fi (Wi-Fi 6/7) access points, small cells, SD-WAN [Confirmed] — sercomm.com, tofler.in

Notable products

ISP-supplied/white-labeled broadband gateways and routers (manufacturing/assembly for Sercomm's global lines)

Verified prefixes (all MA-L, SERVERCOM (INDIA) PRIVATE LIMITED)

28:A9:15, 78:BB:C1, 84:28:D6, 8C:A3:99, 98:87:4C, 9C:D4:A6, A8:88:1F, A8:DA:0C, B4:A7:C6, D8:78:C9, F0:ED:B8 [Confirmed] — IEEE MA-L (enrichment/registries/oui.csv lines 183, 7151, 8043, 8927, 9128, 24312, 32111, 38181, 38312, 38429, 38523); no MA-M/MA-S matches in mam.csv or oui36.csv

Typical deployment context

operator-supplied customer-premises equipment (home broadband gateways/routers white-labeled by telecom operators), plus enterprise Wi-Fi and IoT/smart-home contexts. FY2024 revenue ~₹1,550 Cr with ~24 employees indicates a manufacturing/distribution entity, not an end-user retail brand [Likely] — thecompanycheck.com, sercomm.com

Security context

Sercomm-family CPE has a documented vulnerability history — a reactivatable backdoor in Sercomm-based modems (Netgear/Cisco/Diamond-branded units); CVE-2021-44080 (authenticated root RCE via setup.cgi on the SerComm h500s, firmware lowi-h500s-v3.4.22, CVSS 6.6); CVE-2025-67113 (unauthenticated OS command injection via the CWMP client on the SCE4255W, exploitable by a malicious ACS) [Confirmed] — nccgroup.com, bitdefender.com, sentinelone.com

Special note

HIGH name-collision risk. "SERVERCOM (INDIA) PRIVATE LIMITED" (this OUI registrant; a Sercomm subsidiary) is NOT "Servers.com" / "Servers.com by Nexcess," a US/EU bare-metal hosting provider (founded 2014, Lansing MI) that holds no IEEE OUI registration. Do not conflate them. [Confirmed] — servers.com, tofler.in

Related vendors

Sercomm Corporation (parent, Taiwan)

Analyst note

A SERVERCOM (INDIA) OUI identifies Sercomm-manufactured hardware (typically ISP CPE), but the device is usually sold under an operator's or third party's brand, so the OUI names the maker, not the retail label. Treat any such device as ISP-grade CPE with a recurring-RCE risk profile and verify firmware currency.