CVE-2017-9497

Name of the Vulnerable Software and Affected Versions Comcast firmware on Motorola MX011ANM version MX011AN 2.9p6s1 PROD sey

Description The issue allows physically proximate attackers to execute arbitrary commands as root. This can be achieved by accessing the diagnostics menu on the set-top box and then posting to a Web Inspector route.

Recommendations For Comcast firmware on Motorola MX011ANM version MX011AN 2.9p6s1 PROD sey, consider restricting physical access to the set-top box to minimize the risk of exploitation. As a temporary workaround, limit access to the diagnostics menu and Web Inspector routes until a patch is available.