CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9485

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to write arbitrary data to a known /var/tmp/sess_* pathname by leveraging the device's operation in UI dev mode.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 48.1%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-28.session-cookie-write.txt
https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-28.session-cookie-write.txt

Products affected by CVE-2017-9485

Cisco » Dpc3939 » Version: N/A

cpe:2.3:h:cisco:dpc3939:-
Cisco » Dpc3939 Firmware » Version: dpc3939-p20-18-v303r20421746-170221a-cmcst

cpe:2.3:o:cisco:dpc3939_firmware:dpc3939-p20-18-v303r20421746-170221a-cmcst

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9485

Products

Pricing

Contact Us