Cable Haunt’ is a critical vulnerability in cable modems used by ISPs to provide broadband into homes. The bug essentially allows a buffer overflow, which could enable a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim s browser. 200 million modems are potentially affected in Europe alone, Lyrebirds researchers said. The vulnerability originated in reference software written by Broadcom, which has been copied by different cable-modem manufacturers and used in the devices firmware.
Source: https://threatpost.com/cable-haunt-remote-code-execution/151756/