advertisement
Forums

The Forum is sponsored by 
 

AAPL stock: Click Here

You are currently viewing the Tips and Deals forum
PSA: Netgear cable modems and others at risk of a serious zero day hack...
Posted by: Sarcany
Date: January 14, 2020 02:04PM
[arstechnica.com]

The attacks work by luring vulnerable users to websites that serve malicious JavaScript code that's surreptitiously hosted on the site or hidden inside of malicious ads, researchers from Denmark-based security firm Lyrebirds said in a report and accompanying website. The JavaScript then opens a websocket connection to the vulnerable cable modem and exploits a buffer overflow vulnerability in the spectrum analyzer, a small server that detects interference and other connectivity problems in a host of modems from various makers. From there, remote attackers can gain complete control over the modems, allowing them to change DNS settings, make the modem part of a botnet, and carry out a variety of other nefarious actions.

Cable Haunt, as the researchers have named their proof-of-concept exploit, is known to work on various firmware versions of the following cable modems:

Sagemcom F@st 3890
Sagemcom F@st 3686
Technicolor TC7230
Netgear C6250EMR
Netgear CG3700EMR








Edited 1 time(s). Last edit at 01/14/2020 02:04PM by Sarcany.
Options:  Reply • Quote
Re: PSA: Netgear cable modems and others at risk of a serious zero day hack...
Posted by: SteveO
Date: January 14, 2020 11:34PM
Wow, thanks for posting. Scary stuff. Glad my modem is not those brands.
Options:  Reply • Quote
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 230
Record Number of Users: 186 on February 20, 2020
Record Number of Guests: 2330 on October 25, 2018