Arbitrary Command Execution Vulnerability in Comcast Firmware on Motorola MX011ANM Devices

Arbitrary Command Execution Vulnerability in Comcast Firmware on Motorola MX011ANM Devices

CVE-2017-9497 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route.

Learn more about our Web App Pen Testing.