-
Notifications
You must be signed in to change notification settings - Fork 13.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding Cable Haunt WebSocket DoS Module #12818
Conversation
This module exploits a vulnerability in Sagecom Cable Modems from a variety of manufacturers. Since the firmware for vulnerable modems will vary based on Make, Model, and ISP, this module can only be used to verify the presence of the vulnerability, and not actually return a shell. Successful exploitation will most likely disrupt all upstream services. Module documentation is included in this commit.
I have no idea why this failed, can I get an assist? |
@msjenkins-r7 test this please. |
Hello, just checking in to see if I can get a review on this module? thanks. |
Just wanted to check in on this, while I'm in 'msf' mode. Can I get a review on this? Thanks! |
I have emailed a PCAP of this to msfdev@metasploit.com in an effort to facilitate progress on this PR. |
Completed. Thanks for your help. |
Thank you for the quick response! I'll be able to get this landed shortly. :) |
Release NotesThis adds a WebSocket DoS module for the "Cable Haunt" vulnerability in certain cable modems. |
This module exploits a vulnerability in Sagecom
Cable Modems from a variety of manufacturers. Since
the firmware for vulnerable modems will vary based
on Make, Model, and ISP, this module can only be
used to verify the presence of the vulnerability,
and not actually return a shell. Successful
exploitation will most likely disrupt all upstream
services. Module documentation is included in this
commit.
Please refer to module documentation for further information.
Addresses #12817