Vulnerabilities > Cisco > Dpc3939 Firmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-31 | CVE-2017-9481 | Unspecified vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to obtain unintended access to the Network Processor (NP) 169.254/16 IP network by adding a routing-table entry that specifies the LAN IP address as the router for that network. | 7.5 |
| 2017-07-31 | CVE-2017-9480 | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows local users (e.g., users who have command access as a consequence of CVE-2017-9479 exploitation) to read arbitrary files via UPnP access to /var/IGD/. | 5.5 |
| 2017-07-31 | CVE-2017-9479 | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a readable filesystem. | 9.8 |
| 2017-07-31 | CVE-2017-9478 | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421733160420Acmcst/Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices sets the CM MAC address to a value with a two-byte offset from the MTA/VoIP MAC address, which indirectly allows remote attackers to discover hidden Home Security Wi-Fi networks by leveraging the embedding of the MTA/VoIP MAC address into the DNS hostname. | 7.5 |
| 2017-07-31 | CVE-2017-9477 | Information Exposure vulnerability in Cisco Dpc3939 Firmware Dpc3939P2018V303R20421733160420Acmcst/Dpc3939P2018V303R20421746170221Acmcst The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to discover the CM MAC address by connecting to the device's xfinitywifi hotspot. | 6.5 |
| 2017-07-31 | CVE-2017-9476 | Information Exposure vulnerability in multiple products The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network. | 6.5 |