[ARS] Oh goodie... 'Cable Haunt', your CableModem may be exploitable remotely.

[VirtualLarry]

Exploit that gives remote access affects ~200 million cable modems

Cable Haunt lets attackers take complete control when targets visit booby-trapped sites.

arstechnica.com

 

[ElFenix]

The attack doesn't work when vulnerable targets use Firefox,

another reason to use it.

 

[ch33zw1z]

Cable Haunt, as the researchers have named their proof-of-concept exploit, is known to work on various firmware versions of the following cable modems:

• Sagemcom F@st 3890
• Sagemcom F@st 3686
• Technicolor TC7230
• Netgear C6250EMR
• Netgear CG3700EMR

The exploit may also work against the Compal 7284E and Compal 7486E. Because the spectrum analyzer server is present in other cable modems, the exploit is likely to work on other models as well. Lyrebirds' proof-of-concept attack works reliably against the Technicolor TC7230 and the Sagemcom F@st 8690. With tweaks, the attack code will work on other models listed as vulnerable. The vulnerability is tracked as CVE-2019-19494. A more specific vulnerability targeting only the technicolor TC7230 modem is indexed as CVE-2019-19495.

I won't get too worried yet, seems my modem isn't on the list.