Multiple cable modems used to provide broadband into homes have been compromised due to a critical vulnerability in their makeup that allows an attacker full remote control of the device in question. The vulnerability, named “Cable Haunt” by researchers, has been found in vendors including COMPAL, Netgear, Arris, Technicolor, and others.
The flaw originated in the reference software written by Broadcom, which was then copied by different modem manufacturers and used in the devices’ firmware. The vulnerability allows an attacker to perform a buffer overflow, resulting in the attacker’s ability to execute arbitrary code via JavaScript run in a victim’s browser.
Read More: ‘Cable Haunt’ Bug Plagues Millions of Home Modems