CVE-2017-9495

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web Inspector script.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:motorola:mx011anm_firmware:mx011an_2.9p6s1_prod_sey:*:*:*:*:*:*:*
cpe:2.3:h:motorola:mx011anm:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:36

Type Values Removed Values Added
References () https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-39.arbitrary-file-read.txt - Third Party Advisory () https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-39.arbitrary-file-read.txt - Third Party Advisory

Information

Published : 2017-07-31 03:29

Updated : 2024-11-21 03:36


NVD link : CVE-2017-9495

Mitre link : CVE-2017-9495

CVE.ORG link : CVE-2017-9495


JSON object : View

Products Affected

motorola

  • mx011anm_firmware
  • mx011anm
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor