CVE-2018-19037

HIGH

Virgin Media Hub 3.0 Firmware - Denial of Service via Web Interface POST Requests

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-19037. PoCs published by Ross Inman.

AI-analyzed exploit summary This Python script performs a Denial of Service (DoS) attack against the Virgin Media Hub 3.0 router by flooding it with HTTP POST requests. It uses random user agents and maintains multiple connections to exhaust resources.

Description

On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable to anyone currently using the web interface.

Exploits (1)

exploitdb WORKING POC

by Ross Inman · pythondoshardware

https://www.exploit-db.com/exploits/45776

View Code ZIP pw:eip

This Python script performs a Denial of Service (DoS) attack against the Virgin Media Hub 3.0 router by flooding it with HTTP POST requests. It uses random user agents and maintains multiple connections to exhaust resources.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Virgin Media Hub 3.0 Router

No auth needed

Prerequisites: Network access to the target router · Python 2.7 environment

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/45776/

Scores

CVSS v3 7.5

EPSS 0.0177

EPSS Percentile 75.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-400

Status published

Products (1)

virginmedia/hub_3.0_firmware

Published May 13, 2019

Tracked Since Feb 18, 2026