Exploit that gives remote access affects ~200 million cable modems (ars technica)
Exploit that gives remote access affects ~200 million cable modems (ars technica)
Ars technica reports
on the "Cable Haunt" vulnerability that afflicts a large number of
cable modems. "The first and most straightforward way is to serve malicious JavaScript that causes the browser to connect to the modem. Normally, a mechanism called cross-origin resource sharing prevents a Web application from one origin (such as malicious.example.com) from working on a different origin (such as 192.168.100.1, the address used by most or all of the vulnerable modems).
Websockets, however, aren't protected by CORS, as the mechanism is usually
called. As a result, the modems will accept the remote JavaScript, thereby
allowing attackers to reach the endpoint and serve it code.
" Thus
far, there doesn't seem to be any information out there on whether routers
running OpenWrt are vulnerable.