CVE-2019-19494

Severity: High · CVSS 3.1: 8.8 · EPSS 97.5%
Published Jan 9, 2020 · Last Modified Jun 17, 2026

Description

Broadcom-based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.

CVSS Details

Base Score: 8.8
Exploitability: 2.8
Impact: 5.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Threat Intelligence

EPSS Exploit Probability: 97.5% percentile
Exploit & Patch Status: Public Exploit Known; No Patch Available

Weaknesses 1

CWE-120

Affected Products 19

Vendor       Product               Version     Range
sagemcom     f\@st_3890_firmware   *           <50.10.21_t4
sagemcom     f\@st_3890            *           any
sagemcom     f\@st_3890_firmware   *           <05.76.6.3f
sagemcom     f\@st_3890            *           any
sagemcom     f\@st_3686_firmware   3.428.0     any
sagemcom     f\@st_3686_firmware   4.83.0      any
sagemcom     f\@st_3686            *           any
netgear      cg3700emr_firmware    2.01.03     any
netgear      cg3700emr_firmware    2.01.05     any
netgear      cg3700emr             *           any
netgear      c6250emr_firmware     2.01.03     any
netgear      c6250emr_firmware     2.01.05     any
netgear      c6250emr              *           any
technicolor  tc7230_steb_firmware  01.25       any
technicolor  tc7230_steb           *           any
compal       7284e_firmware        5.510.5.11  any
compal       7284e                 *           any
compal       7486e_firmware        5.510.5.11  any
compal       7486e                 *           any

References 4

  • cablehaunt.com https://cablehaunt.com
    Exploit, Technical Description, Third Party Advisory
  • github.com https://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdf
    Technical Description, Third Party Advisory
  • github.com https://github.com/Lyrebirds/Fast8690-exploit
    Exploit, Third Party Advisory
  • broadcom.com https://www.broadcom.com
    Product

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.