43 matches found
CVE-2025-29329
Buffer Overflow in the ippprint Internet Printing Protocol service in Sagemcom F@st 3686 MAGYAR4.121.0 allows a remote attacker to execute arbitrary code by sending a crafted HTTP request...
EUVD-2021-26638
Malware in sbrugna...
EUVD-2012-5243
Malware in sbrugna...
CVE-2021-3304
CVE-2021-3304 affects Sagemcom F@ST 3686 v2 with firmware 3.495; a buffer overflow is triggered by a long sessionKey to the /goform/login URI. Connected documents confirm the affected product and input vector, but do not provide exploitation details or remediation steps in the supplied material.
CVE-2021-3304
Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI...
CVE-2020-24034
Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sessid, nonce, and ha1 values inside of the serialized session cookie, an attacker may...
CVE-2020-24034
CVE-2020-24034 affects Sagemcom F@ST 5280 routers running firmware version 1.150.61. The issue is an insecure deserialization in the authenticated flow that lets a logged-in user alter a serialized session cookie (sess_id, nonce, ha1) to assume another user’s role, including an internal account w...
Sagemcom F@ST 5280 Privilege Escalation
privilege escalation Date: 08-31-2020 Exploit Author: Ryan Delaney Author Contact: ryan.delaney owasp org Author LinkedIn: https://www.linkedin.com/in/infosecrd/ Vendor Homepage: https://sagemcom.com/en Software Link: N/A F@ST 5280 firmware not published Version: F@ST 5280 router, F/W 1.150.61,...
Sagemcom F@ST 5280 Privilege Escalation Vulnerability
Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sessid, nonce, and ha1 values inside of the...
Sagemcom F@ST 3890 (50_10_19-T1) Cable Modem - 'Cable Haunt' Remote Code Execution
// EDB Note: Download https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/47936.zip function buf2hex(buffer) { // buffer is an ArrayBuffer return Array.prototype.map.call(new Uint8Array(buffer), x => ('00' + x.toString(16)).slice(-2)).join(''); } function insertAt(arr, index, toInsert...
CVE-2019-19494
Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21T4, Sagemcom F@...
Design/Logic Flaw
Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, default to using a PSK that is generated from a 2-part wordlist of known values and a nonce with insufficient entropy. The number of possible PSKs is about 1.78 billion, which is too small...
CVE-2019-9555
CVE-2019-9555 affects Sagemcom F@st 5260 routers (firmware 0.4.39 and possibly others) where WPA PSKs are derived from a two-part wordlist plus a nonce with insufficient entropy. This yields roughly 1.78 billion possible PSKs, making the WPA key space far smaller than expected and enabling potent...
Sagemcom F@ST 3864 V2 Admin Password Disclosure
#!/bin/bash Exploit Title: Sagemcom 3864 V2 get admin password Date 2015-08-15 Author: Cade Bull Software Link: null Tested on: Sagemcom F@ST 3864 V2 Version: 7.253.2F3864V2Optus The sagemcom modem does not authenticate users when requesting pages, only whilst posting forms the password.html page...
Sagem F@st 3304-V2 - Telnet Crash (PoC)
Sagem F@st 3304-V2 - Telnet Crash PoC Title : Sagem F@st 3304-V2 Telnet Crash POC Vendor : http://www.sagemcom.com Severity : High Tested Router : Sagem F@st 3304-V2 3304-V1, other versions may also be affected Date : 2015-03-08 Author : Loudiyi Mohamed Contact : [email protected] Blog :...