CVE-2017-9478
First published: Mon Jul 31 2017(Updated: )
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST) and DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices sets the CM MAC address to a value with a two-byte offset from the MTA/VoIP MAC address, which indirectly allows remote attackers to discover hidden Home Security Wi-Fi networks by leveraging the embedding of the MTA/VoIP MAC address into the DNS hostname.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Dpc3939 Firmware | =dpc3939-p20-18-v303r20421746-170221a-cmcst | |
| Cisco DPC3939 | ||
| Cisco Dpc3939 Firmware | =dpc3939-p20-18-v303r20421733-160420a-cmcst |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2017-9478?
The severity of CVE-2017-9478 is high, with a score of 7.5.
What devices are affected by CVE-2017-9478?
CVE-2017-9478 affects Cisco DPC3939 devices with specific firmware versions dpc3939-P20-18-v303r20421733-160420a-CMCST and dpc3939-P20-18-v303r20421746-170221a-CMCST.
How do I fix CVE-2017-9478?
To fix CVE-2017-9478, upgrade the firmware of the Cisco DPC3939 to a non-vulnerable version.
What is the main issue caused by CVE-2017-9478?
CVE-2017-9478 allows remote attackers to exploit MAC address offsets, potentially leading to unauthorized access.
Is there a workaround for CVE-2017-9478?
There is no known workaround for CVE-2017-9478 other than applying the firmware update.
- collector/nvd-index
- vendor/cisco
- product/dpc3939 firmware
- canonical/cisco dpc3939 firmware
- product/dpc3939
- canonical/cisco dpc3939