Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.
References
Link | Resource |
---|---|
https://cablehaunt.com | Exploit Technical Description Third Party Advisory |
https://www.broadcom.com | Product |
https://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdf | Technical Description Third Party Advisory |
https://github.com/Lyrebirds/Fast8690-exploit | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Information
Published : 2020-01-09 05:15
Updated : 2020-01-28 11:43
NVD link : CVE-2019-19494
Mitre link : CVE-2019-19494
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
sagemcom
- f\@st_3686
- f\@st_3890
- f\@st_3686_firmware
- f\@st_3890_firmware
compal
- 7486e
- 7284e
- 7284e_firmware
- 7486e_firmware
netgear
- c6250emr_firmware
- cg3700emr_firmware
- cg3700emr
- c6250emr
technicolor
- tc7230_steb
- tc7230_steb_firmware