PT-2017-18951 · Cisco · Cisco Dpc3939
Chris Grayson
+2
·
Published
2017-07-31
·
Updated
2017-08-03
·
CVE-2017-9478
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco DPC3939 version dpc3939-P20-18-v303r20421733-160420a-CMCST
Cisco DPC3939 version dpc3939-P20-18-v303r20421746-170221a-CMCST
Description
The issue allows remote attackers to discover hidden Home Security Wi-Fi networks. This is possible because the Comcast firmware on the devices sets the CM MAC address to a value with a two-byte offset from the MTA/VoIP MAC address, which is embedded into the DNS hostname.
Recommendations
For Cisco DPC3939 version dpc3939-P20-18-v303r20421733-160420a-CMCST, update the firmware to a version that does not embed the MTA/VoIP MAC address into the DNS hostname.
For Cisco DPC3939 version dpc3939-P20-18-v303r20421746-170221a-CMCST, update the firmware to a version that does not embed the MTA/VoIP MAC address into the DNS hostname.
As a temporary workaround, consider restricting access to the DNS hostname to minimize the risk of exploitation.
Exploit
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Dpc3939