{
  "schema_version": "1.4.0",
  "id": "GHSA-g2f2-5gp5-vj56",
  "modified": "2022-05-24T17:05:56Z",
  "published": "2022-05-24T17:05:56Z",
  "aliases": [
    "CVE-2019-19494"
  ],
  "details": "Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom F@st 3890 prior to 50.10.21_T4, Sagemcom F@st 3890 prior to 05.76.6.3f, Sagemcom F@st 3686 3.428.0, Sagemcom F@st 3686 4.83.0, NETGEAR CG3700EMR 2.01.05, NETGEAR CG3700EMR 2.01.03, NETGEAR C6250EMR 2.01.05, NETGEAR C6250EMR 2.01.03, Technicolor TC7230 STEB 01.25, COMPAL 7284E 5.510.5.11, and COMPAL 7486E 5.510.5.11.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-19494"
    },
    {
      "type": "WEB",
      "url": "https://cablehaunt.com"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Lyrebirds/Cable-Haunt-Report/releases/download/2.4/report.pdf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Lyrebirds/Fast8690-exploit"
    },
    {
      "type": "WEB",
      "url": "https://www.broadcom.com"
    }
  ],
  "database_specific": {
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-09T13:15:00Z"
  }
}