CVE-2017-9478

Name of the Vulnerable Software and Affected Versions Cisco DPC3939 version dpc3939-P20-18-v303r20421733-160420a-CMCST Cisco DPC3939 version dpc3939-P20-18-v303r20421746-170221a-CMCST

Description The issue allows remote attackers to discover hidden Home Security Wi-Fi networks. This is possible because the Comcast firmware on the devices sets the CM MAC address to a value with a two-byte offset from the MTA/VoIP MAC address, which is embedded into the DNS hostname.

Recommendations For Cisco DPC3939 version dpc3939-P20-18-v303r20421733-160420a-CMCST, update the firmware to a version that does not embed the MTA/VoIP MAC address into the DNS hostname. For Cisco DPC3939 version dpc3939-P20-18-v303r20421746-170221a-CMCST, update the firmware to a version that does not embed the MTA/VoIP MAC address into the DNS hostname. As a temporary workaround, consider restricting access to the DNS hostname to minimize the risk of exploitation.