CVE-2017-9495

Published: Jul 31, 2017Modified: May 13, 2026

4.6

Vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 0.9 / Impact: 3.6

Source: NVD

Description

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web Inspector script.

Affected (1)

Products: Motorola: Mx011anm Firmware

1 product

Mx011anm Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Motorola Mx011anm Firmware	Version mx011an_2.9p6s1_prod_sey

Running on/with	Platform Versions
Motorola Mx011anm	All versions

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-39.arbitrary-file-read.txt

Source: cve@mitre.org

Third Party Advisory

https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-39.arbitrary-file-read.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.