Lucene search
K

63 matches found

CNVD
CNVD
added 2017/08/03 12:0 a.m.4 views

Motorola MX011ANM File Upload Vulnerability

The Motorola MX011ANM is an Internet set-top box device from Motorola, U.S.A. The Xfinity XR11-20 Voice Remote is a voice remote control device.Comcast is a set of firmware developed by Comcast, U.S.A., that runs in devices such as gateways and modems. . A security vulnerability in the Comcast...

5.5CVSS7AI score0.00192EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/01 12:0 a.m.2 views

Cisco DPC3939 Firmware Unauthorized Operation Vulnerability

Cisco DPC3939 is a wireless voice gateway product from Cisco USA. A security vulnerability exists in the Cisco DPC3939 firmware. Allows a remote attacker to discover the CM MAC address through an xfinitywifi hotspot connected to the device...

6.5CVSS6.6AI score0.01039EPSS
Exploits1References1
Prion
Prion
added 2017/07/31 3:29 a.m.12 views

Design/Logic Flaw

Comcast XFINITY WiFi Home Hotspot devices allow remote attackers to spoof the identities of Comcast customers via a forged MAC address...

4.3CVSS7.2AI score0.01392EPSS
Exploits0References1
OSV
OSV
added 2017/07/31 3:29 a.m.6 views

CVE-2017-9498

The Comcast firmware on Motorola MX011ANM firmware version MX011AN2.9p6s1PRODsey and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for...

5.5CVSS5.9AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2017/07/31 3:29 a.m.16 views

CVE-2017-9498

The Comcast firmware on Motorola MX011ANM firmware version MX011AN2.9p6s1PRODsey and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for...

5.5CVSS5.7AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2017/07/31 3:0 a.m.44 views

CVE-2017-9475

CVE-2017-9475 affects Comcast XFINITY WiFi Home Hotspot devices. It describes a remote‑level vulnerability where an attacker can spoof the identities of Comcast customers by forging MAC addresses. The available description does not specify the exact component, firmware version, or root cause beyo...

5.9CVSS5.7AI score0.01392EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/07/31 3:0 a.m.46 views

CVE-2017-9498

The CVE-2017-9498 entry affects Comcast firmware on Motorola MX011ANM and Xfinity XR11-20 Voice Remote, where there is no digital-signature protection for firmware updates. This allows a local attacker with root access to upload arbitrary firmware images to the XR11, as described in the vulnerabi...

5.5CVSS5.7AI score0.00192EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/07/31 3:0 a.m.23 views

CVE-2017-9498

The Comcast firmware on Motorola MX011ANM firmware version MX011AN2.9p6s1PRODsey and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for...

5.8AI score0.00192EPSS
Exploits0References1
rapid7community
rapid7community
added 2017/05/17 5:0 p.m.35 views

R7-2016-23, R7-2016-26, R7-2016-27: Multiple Home Security Vulnerabilities

Executive Summary In October of 2016, former Rapid7 researcher Phil Bosco discovered a number of relatively low-risk vulnerabilities and issues involving home security systems that are common throughout the United States, and which have significant WiFi or Ethernet capabilities. The three systems...

6.9AI score
Exploits0
0day.today
0day.today
added 2017/01/01 12:0 a.m.77 views

Xfinity Gateway (Technicolor DPC3941T) - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Date: 09/08/2016 Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The Device DPC3941T is vulnerable to...

7.9CVSS0.4AI score0.03329EPSS
Exploits6
0day.today
0day.today
added 2016/12/18 12:0 a.m.50 views

XFINITY Gateway Technicolor DPC3941T Cross Site Request Forgery Vulnerability

XFINITY Gateway Technicolor DPC3941T wifi password changing cross site request forgery proof of concept code. Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The...

7.9CVSS8AI score0.03329EPSS
Exploits6
Packet Storm
Packet Storm
added 2016/12/12 12:0 a.m.160 views

XFINITY Gateway Technicolor DPC3941T Cross Site Request Forgery

Exploit Title: CSRF XFINITY Gateway product Technicolorpreviously Cisco DPC3941T Date: 12/12/2016 Exploit Author: Ayushman Dutta Version: dpc3941-P20-18-v303r20421733-160413a-CMCST CVE : CVE-2016-7454 The Device DPC3941T is vulnerable to CSRF and has no security on the entire admin panel for it...

0.3AI score0.03329EPSS
Exploits6
CNVD
CNVD
added 2016/12/06 12:0 a.m.2 views

Xfinity Gateway Remote Code Execution Vulnerability

Xfinity Gateway is a gateway product from Xfinity. A remote code execution vulnerability exists in the destinationaddress parameter of the networkdiagnostictools.php page of the Xfinity Gateway system, which can be exploited by an attacker to execute arbitrary code in the context of an affected...

8.4AI score
Exploits0References1
0day.today
0day.today
added 2016/12/03 12:0 a.m.85 views

Xfinity Gateway - Remote Code Execution Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Xfinity Gateway: Remote Code Execution Date: 12/2/2016 Exploit Author: Gregory Smiley Contact: email protected Vendor Homepage: http://xfinity.com Platform: php The page located at /networkdiagnostictools.php has a feature...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/12/02 12:0 a.m.45 views

Xfinity Gateway Remote Code Execution

Exploit Title: Xfinity Gateway: Remote Code Execution Date: 12/2/2016 Exploit Author: Gregory Smiley Contact: [email protected] Vendor Homepage: http://xfinity.com Platform: php The page located at /networkdiagnostictools.php has a feature called test connectivity, which is carried out through ...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2016/12/02 12:0 a.m.78 views

Xfinity Gateway - Remote Code Execution

Exploit Title: Xfinity Gateway: Remote Code Execution Date: 12/2/2016 Exploit Author: Gregory Smiley Contact: [email protected] Vendor Homepage: http://xfinity.com Platform: php The page located at /networkdiagnostictools.php has a feature called test connectivity, which is carried out through ...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/12/02 12:0 a.m.32 views

Xfinity Gateway - Remote Code Execution

Xfinity Gateway - Remote Code Execution Exploit Title: Xfinity Gateway: Remote Code Execution Date: 12/2/2016 Exploit Author: Gregory Smiley Contact: [email protected] Vendor Homepage: http://xfinity.com Platform: php The page located at /networkdiagnostictools.php has a feature called test...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2016/12/01 12:0 a.m.38 views

Xfinity Gateway Cross Site Request Forgery

EXPLOIT TITLE: CSRF RCE XFINITY WEB GATEWAY AUTHOR: Pabstersac DATE: 1ST OF AUGUST 2016 CVE: N/A CATEGORY: REMOTE CONTACT: [email protected] IF ANYONE HAS COMMUNICATION WITH VENDOR PLEASE NOTIFY THEM SINCE THEY HAVE IGNORED ME. CSRF FOR COMCAST XFINITY WEB GATEWAY. LEADS TO RCE AND ACCESS TO T...

0.7AI score
Exploits0
0day.today
0day.today
added 2016/12/01 12:0 a.m.48 views

Xfinity Gateway - Cross-Site Request Forgery Vulnerability

Exploit for hardware platform in category web applications EXPLOIT TITLE: CSRF RCE XFINITY WEB GATEWAY AUTHOR: Pabstersac DATE: 1ST OF AUGUST 2016 CVE: N/A CATEGORY: REMOTE CONTACT: email protected IF ANYONE HAS COMMUNICATION WITH VENDOR PLEASE NOTIFY THEM SINCE THEY HAVE IGNORED ME. CSRF FOR...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2016/11/30 12:0 a.m.58 views

Xfinity Gateway - Cross-Site Request Forgery

EXPLOIT TITLE: CSRF RCE XFINITY WEB GATEWAY AUTHOR: Pabstersac DATE: 1ST OF AUGUST 2016 CVE: N/A CATEGORY: REMOTE CONTACT: [email protected] IF ANYONE HAS COMMUNICATION WITH VENDOR PLEASE NOTIFY THEM SINCE THEY HAVE IGNORED ME. CSRF FOR COMCAST XFINITY WEB GATEWAY. LEADS TO RCE AND ACCESS TO T...

7.4AI score
Exploits0
Rows per page
Query Builder