← back
CVE-2019-19495

CVE-2019-19495

EPSS 4.3%
The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing external access to a root shell.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cablehaunt.comhttps://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdfhttps://github.com/Lyrebirds/Fast8690-exploit