CVE-2017-9476

MEDIUM

Comcast firmware - Info Disclosure

Title source: llm

Description

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices makes it easy for remote attackers to determine the hidden SSID and passphrase for a Home Security Wi-Fi network.

Exploits (1)

nomisec WORKING POC 8 stars

by wiire-a · poc

https://github.com/wiire-a/CVE-2017-9476

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory] https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-18.home-security-wifi-network.txt

Scores

CVSS v3 6.5

EPSS 0.1608

EPSS Percentile 94.7%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (5)

cisco/dpc3939_firmware

commscope/arris_tg1682g_firmware

n/a/n/a

Published Jul 31, 2017

Tracked Since Feb 18, 2026