Exploit that gives remote access affects ~200 million cable modems
Cable Haunt lets attackers take complete control when targets visit
booby-trapped sites.
Hundreds of millions of cable modems are vulnerable to critical takeover
attacks by hackers halfway around the world, researchers said.
The attacks work by luring vulnerable users to websites that serve malicious
JavaScript code that's surreptitiously hosted on the site or hidden inside of
malicious ads, researchers from Denmark-based security firm Lyrebirds said in a
report and accompanying website. The JavaScript then opens a websocket
connection to the vulnerable cable modem and exploits a buffer overflow
vulnerability in the spectrum analyzer, a small server that detects
interference and other connectivity problems in a host of modems from various
makers. From there, remote attackers can gain complete control over the modems,
allowing them to change DNS settings, make the modem part of a botnet, and
carry out a variety of other nefarious actions.
...
https://arstechnica.com/information-technology/2020/01/exploit-that-gives-remote-access-affects-200-million-cable-modems/
https://cablehaunt.com/