Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie

[Security] Virgin Media customers may be affected by new cable modem exploit

Options
  • 13-01-2020 1:40pm
    #1
    donal.hunt
    Registered Users Posts: 335 ✭✭


    website: https://cablehaunt.com/

    Cable Haunt is a critical vulnerability found in cable modems from various manufacturers across the world. The vulnerability enables remote attackers to execute abitrary code on your modem, indirectly through an endpoint on the modem. Your cable modem is in charge of the internet traffic for all devices on the network. Cable Haunt might therefore be exploited to intercept private messages, redirect traffic, or participation in botnets.

    The vulnerable endpoint is exposed to the local network, but can be reached remotely due to improper websocket usage. Through malicious communication with this endpoint, a buffer overflow can be exploited to gain control of the modem. The technical report can be downloaded below.

    Affected modems:
    • Arris CM8200A
    • COMPAL 7284E
    • COMPAL 7486E
    • Netgear C6250EMR
    • Netgear CG3700EMR
    • Netgear CM1000
    • Netgear CM1000-1AZNAS
    • Sagemcom F@st 3890
    • Sagemcom F@st 3686
    • Surfboard SB8200
    • Technicolor TC7230 *
    • Technicolor TC4400 *

    * I believe Virgin have used Technicolor modems in the past.

    Testing script: https://github.com/Lyrebirds/cable-haunt-vulnerability-test
    Tagged:


Comments

  • Options
    #2
    ED E
    Registered Users Posts: 36,167 ✭✭✭✭ED E


    Sure whats a third CVE when there are already two open for it? Old one is remotely exploitable too.


Advertisement