CVE-2017-9490

8.8HIGH

Key Information:

Vendor
Cisco
Status
Dpc3939b Firmware
Vendor
CVE Published:
31 July 2017

Summary

The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF.

References

https://github.com/BastilleResearch/CableTap/blob/master/...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.