39 matches found
CVE-1999-0791
Hybrid Network cable modems do not include an authentication mechanism for administration, allowing remote attackers to compromise the system through the HSMP protocol...
EUVD-1999-0772
Malware in sbrugna...
EUVD-2012-3025
Malware in sbrugna...
EUVD-2003-1075
Malware in sbrugna...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
CVE-2002-2110
The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers to cause a denial of service modem device reset by connecting to port 80 on the 10.0.0.0/8 device...
Multiple vendor based Broadcom cable modems buffer overflow vulnerability
Sagemcom F@st 5260, Sagemcom F@st 3890 etc. is a router.Technicolor TC7230 STEB is a wireless router. A buffer overflow vulnerability exists in Broadcom cable modems based on multiple vendors. A remote attacker could execute arbitrary code in the kernel via JavaScript running in the victim's...
BSA-2020-896
Security Advisory ID : BSA-2020-896 Component : spectrum analyzer Revision : 1.0: Final A group of Security Researchers havereleased a vulnerability namedCable Haunt. According to the researchers,Cable Haunt was found in Broadcom Cable modems and affects various manufacturers across the world. Mo...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
Buffer overflow
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
CVE-2019-19494
CVE-2019-19494 describes a buffer overflow in Broadcom-based cable modems that enables remote code execution at the kernel level via JavaScript in a victim’s browser. Affected devices include Sagemcom F@st 3890 (before 50.10.21_T4; before 05.76.6.3f), Sagemcom F@st 3686 (3.428.0; 4.83.0), NETGEAR...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
PT-2019-4315 · Cisco +6 · Cisco Epc3928Ad +9
Name of the Vulnerable Software and Affected Versions: Sagemcom F@st 3890 versions prior to 50.10.21 T4 Sagemcom F@st 3890 versions prior to 05.76.6.3f Sagemcom F@st 3686 version 3.428.0 Sagemcom F@st 3686 version 4.83.0 NETGEAR CG3700EMR version 2.01.05 NETGEAR CG3700EMR version 2.01.03 NETGEAR...
ZTE F460/F660 Backdoor Unauthorized Access (CVE-2014-2321)
An Unauthorized Access Vulnerability exists in ZTE F460 and F660 cable modems. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands with administrator level access on the affected device...
KLA10704 Multiple vulnerabilities in ARRIS cable modems.
Multiple serious vulnerabilities have been found in ARRIS cable modems. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities: 1. Predictable technician password can be exploited remotely to gain technician...
ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities
Overview Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities. Description CWE-255: Credentials Management - CVE-2009-5149The 'password of the day'...
Some Cable Modems Found to Leak Sensitive Data Via SNMP
Cable modems sold by two manufacturers expose a wide variety of sensitive information over SNMP, including usernames and passwords, WEP keys and SSIDs. Researchers who discovered the vulnerabilities say they’re trivially exploitable and plan to release Metasploit modules for them later this month...
Hybrid Networks Cable Broadband Access System 1.0 - Remote Configuration Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/695/info Hybrid Network's cable modems are vulnerable to several different types of attack due to a lack of authentication for the remote administration/configuration system. The cable modems use a protocol called HSMP,...
ZTE F460 / F660 Cable Modems web_shell_cmd.gch Administrative Backdoor
Nessus was able to access the 'webshellcmd.gch' script on the device, which is a backdoor that allows administrative commands to be run on the device without authentication. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid73104; scriptversion"1.5"; scriptcvsdate"Date:...