CVE-2019-19494
N/A
N/A
Summary
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://www.broadcom.com
- https://cablehaunt.com
- https://github.com/Lyrebirds/Fast8690-exploit
- https://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdf
References
- https://www.broadcom.com
- https://cablehaunt.com
- https://github.com/Lyrebirds/Fast8690-exploit
- https://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdf
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.