Arbitrary Command Execution Vulnerability in Comcast Firmware on Cisco DPC3939 Devices

Arbitrary Command Execution Vulnerability in Comcast Firmware on Cisco DPC3939 Devices

CVE-2017-9479 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a readable filesystem.

Learn more about our Cis Benchmark Audit For Cisco.