Remote IPv6 Address Disclosure in Cisco Cable Modem Firmware
CVE-2017-9487

5.9MEDIUM

Key Information:

Vendor: Cisco
Status: Dpc3939 Firmware
Vendor: CVE Published:; 31 July 2017

Summary

The firmware on select Cisco cable modem models, specifically the DPC3939 and DPC3941T, contains a vulnerability that allows remote attackers to exploit knowledge of the cable modem's MAC address. This can lead to the unauthorized discovery of the WAN IPv6 IP address, potentially compromising user privacy and network security. Keeping firmware updated and monitoring for unusual network activity is crucial to mitigating associated risks.

References

https://github.com/BastilleResearch/CableTap/blob/master/...

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2017
Vulnerability Reserved
Jun 7, 2017