CVE-2017-9476

CWE-200 — Information Exposure3 documents3 sources

Severity

6.5MEDIUM

EPSS

16.1%

top 5.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Dpc3939 Firmware Commscope Arris Tg1682g Firmware

Timeline

PublishedJul 31

Latest updateMay 13

Description

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDcisco/dpc3939_firmwaredpc3939-p20-18-v303r20421733-160420a-cmcst, dpc3939-p20-18-v303r20421746-170221a-cmcst+1

▶NVDcommscope/arris_tg1682g_firmware10.0.132.sip.pc20.ct, tg1682_2.2p7s2_prod_sey+1

🔴Vulnerability Details

GHSA

GHSA-7726-qfpm-w589: The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v3↗2022-05-13

▶

CVEList

CVE-2017-9476: The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v3↗2017-07-31

▶