PT-2017-3500 · Valve · Valve Steam Link

Published: 2017-12-22 · Updated: 2019-10-03 · CVE-2017-17877

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Valve Steam Link build 643

Description

The issue is related to inadequate access control in the Valve Steam Link device. When the SSH daemon is enabled for local development, the device becomes publicly accessible via IPv6 TCP port 22 over the internet by default. This makes it easier for remote attackers to gain access by guessing 24 bits of the MAC address and attempting a root login.

Recommendations

For Valve Steam Link build 643, consider disabling the SSH daemon when not in use for local development to prevent unauthorized access. Restrict access to IPv6 TCP port 22 to minimize the risk of exploitation.

Fix

Weakness Enumeration

Related Identifiers

BDU:2018-00328
CVE-2017-17877

Affected Products

Valve Steam Link