CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-9490

The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.0%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-33.cross-site-request-forgery.txt
https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-33.cross-site-request-forgery.txt

Products affected by CVE-2017-9490

Cisco » Dpc3939b » Version: N/A

cpe:2.3:h:cisco:dpc3939b:-
Commscope » Arris Tg1682g » Version: N/A

cpe:2.3:h:commscope:arris_tg1682g:-
Arris » Tg1682g Firmware » Version: 10.0.132.sip.pc20.ct

cpe:2.3:o:arris:tg1682g_firmware:10.0.132.sip.pc20.ct
Arris » Tg1682g Firmware » Version: tg1682_2.2p7s2_prod_sey

cpe:2.3:o:arris:tg1682g_firmware:tg1682_2.2p7s2_prod_sey
Cisco » Dpc3939b Firmware » Version: dpc3939b-v303r204217-150321a-cmcst

cpe:2.3:o:cisco:dpc3939b_firmware:dpc3939b-v303r204217-150321a-cmcst

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-9490

Products

Pricing

Contact Us