EUVD-2017-18419

Malware in sbrugna...

EUVD-2017-18420

Malware in sbrugna...

Cisco DPC3939 and DPC3941T Comcast Firmware Hardcoding Vulnerability

The Cisco DPC3939 and DPC3941T are both wireless voice gateway products from Cisco USA. comcast is a set of firmware developed by Comcast USA that runs in devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the Cisco DPC3939 using the...

Cisco DPC3939 and DPC3941T Comcast Firmware Information Disclosure Vulnerability

The Cisco DPC3939 and DPC3941T are both wireless voice gateway products from Cisco USA. comcast is a set of firmware developed by Comcast USA that runs in devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the Cisco DPC3939 using the...

CVE-2017-9521

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST; Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST; Cisco DPC3939B firmware version dpc3939b-v303r204217-150321a-CMCST; Cisco DPC3941T firmware version DPC39412.5s3PRODsey; an...

Remote code execution

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST; Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST; Cisco DPC3939B firmware version dpc3939b-v303r204217-150321a-CMCST; Cisco DPC3941T firmware version DPC39412.5s3PRODsey; an...

CVE-2017-9488

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST and DPC3941T firmware version DPC39412.5s3PRODsey devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then entering unspecified hardcoded...

CVE-2017-9487

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST and DPC3941T firmware version DPC39412.5s3PRODsey devices allows remote attackers to discover a WAN IPv6 IP address by leveraging knowledge of the CM MAC address...

Code injection

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST and DPC3941T firmware version DPC39412.5s3PRODsey devices allows remote attackers to discover a WAN IPv6 IP address by leveraging knowledge of the CM MAC address...

CVE-2017-9491

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST; Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST; Cisco DPC3939B firmware version dpc3939b-v303r204217-150321a-CMCST; Cisco DPC3941T firmware version DPC39412.5s3PRODsey; an...

Hardcoded credentials

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST and DPC3941T firmware version DPC39412.5s3PRODsey devices allows remote attackers to access the web UI by establishing a session to the wan0 WAN IPv6 address and then entering unspecified hardcoded...

CVE-2017-9487

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST and DPC3941T firmware version DPC39412.5s3PRODsey devices allows remote attackers to discover a WAN IPv6 IP address by leveraging knowledge of the CM MAC address...

CVE-2017-9521

The Comcast firmware on Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST; Cisco DPC3939 firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST; Cisco DPC3939B firmware version dpc3939b-v303r204217-150321a-CMCST; Cisco DPC3941T firmware version DPC39412.5s3PRODsey; an...

CVE-2017-9521

The CVE-2017-9521 entry concerns Comcast firmware in Cisco DPC3939/3939B/3941T and Arris TG1682G devices, where a specific exposed service (unnecessarily exposed per note) enables remote code execution. Affected firmware versions are listed for each device. The root cause is an exposed service th...

CVE-2017-9488

The CVE-2017-9488 entry concerns Comcast firmware for Cisco DPC3939 and DPC3941T (dpc3939-P20-18-v303r20421746-170221a-CMCST and DPC3941_2.5s3_PROD_sey). A hardcoded-credentials flaw on the wan0 IPv6 interface allows remote access to the device’s web UI after establishing a session, though this i...

Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Date: 09/08/2016 Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The Device DPC3941T is vulnerable to...

XFINITY Gateway Technicolor Cross-Site Request Forgery Vulnerability

XFINITY Technicolor TC dpc3941T is a gateway product for multimedia from XFINITY USA. A cross-site request forgery vulnerability exists in Technicolor TC dpc3941T devices using the dpc3941-P20-18-v303r20421733-160413a-CMCST firmware. An attacker could use this vulnerability to change the Wi-Fi...

XFINITY Gateway Technicolor DPC3941T Cross Site Request Forgery Vulnerability

XFINITY Gateway Technicolor DPC3941T wifi password changing cross site request forgery proof of concept code. Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The...

Cross site request forgery (csrf)

CSRF vulnerability on Technicolor TC dpc3941T formerly Cisco dpc3941T devices with firmware dpc3941-P20-18-v303r20421733-160413a-CMCST allows an attacker to change the Wi-Fi password, open the remote management interface, or reset the router...

CVE-2016-7454

CVE-2016-7454 affects Technicolor/Comms Cisco DPC3941T gateways (firmware dpc3941-P20-18-v303r20421733-160413a-CMCST). The vulnerability is a Cross-Site Request Forgery (CSRF) in the device’s admin interfaces that enables an attacker to change the Wi‑Fi password, open the remote management interf...