Search criteria
6 vulnerabilities found for mx011anm by motorola
VAR-201707-1019
Vulnerability from variot - Updated: 2025-04-20 23:37The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to conduct successful forced-pairing attacks (between an RF4CE remote and a set-top box) by repeatedly transmitting the same pairing code. Motorola MX011ANM Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. A remote attacker can exploit this vulnerability to commit a mandatory pairing attack by repeatedly submitting the same pairing code
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1019",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mx011anm",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": "eq",
"trust": 0.8,
"vendor": "motorola",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "mx011anm mx011an 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-224"
},
{
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:motorola:mx011anm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
}
]
},
"cve": "CVE-2017-9493",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CVE-2017-9493",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-19304",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-117696",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "nvd@nist.gov",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitabilityScore": 2.8,
"id": "CVE-2017-9493",
"impactScore": 3.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9493",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9493",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19304",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-224",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117696",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"db": "VULHUB",
"id": "VHN-117696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-224"
},
{
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to conduct successful forced-pairing attacks (between an RF4CE remote and a set-top box) by repeatedly transmitting the same pairing code. Motorola MX011ANM Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. A remote attacker can exploit this vulnerability to commit a mandatory pairing attack by repeatedly submitting the same pairing code",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9493"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"db": "VULHUB",
"id": "VHN-117696"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9493",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-224",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19304",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117696",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"db": "VULHUB",
"id": "VHN-117696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-224"
},
{
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"id": "VAR-201707-1019",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"db": "VULHUB",
"id": "VHN-117696"
}
],
"trust": 1.52352942
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19304"
}
]
},
"last_update_date": "2025-04-20T23:37:50.298000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com/en_us.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-37.rf4ce-forced-pairing.vendor.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9493"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9493"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"db": "VULHUB",
"id": "VHN-117696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-224"
},
{
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"db": "VULHUB",
"id": "VHN-117696"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-224"
},
{
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"date": "2017-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-117696"
},
{
"date": "2017-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"date": "2017-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-224"
},
{
"date": "2017-07-31T03:29:00.770000",
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19304"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117696"
},
{
"date": "2017-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006527"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-224"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9493"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-224"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola MX011ANM Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006527"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-224"
}
],
"trust": 0.6
}
}
VAR-201707-1024
Vulnerability from variot - Updated: 2025-04-20 23:30The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware. Motorola MX011ANM and Xfinity XR11-20 Voice Remote Devices have vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. MotorolaMX011ANM is a network set-top box device from Motorola, USA. The XfinityXR11-20VoiceRemote is a voice remote control device. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM and XfinityXR11-20VoiceRemote devices using MX011AN_2.9p6s1_PROD_sey firmware, which is due to a lack of protection for the program
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mx011anm",
"scope": "eq",
"trust": 2.4,
"vendor": "motorola",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "xfinity xr11-20",
"scope": "eq",
"trust": 1.0,
"vendor": "comcast",
"version": null
},
{
"model": "xfinity xr11-20",
"scope": null,
"trust": 0.8,
"vendor": "comcast",
"version": null
},
{
"model": "mx011anm 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "mx011anm mx011an 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:comcast:xfinity_xr11-20_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:motorola:mx011anm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
}
]
},
"cve": "CVE-2017-9498",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9498",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-19300",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-117701",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-9498",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9498",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9498",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19300",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-219",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117701",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware. Motorola MX011ANM and Xfinity XR11-20 Voice Remote Devices have vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. MotorolaMX011ANM is a network set-top box device from Motorola, USA. The XfinityXR11-20VoiceRemote is a voice remote control device. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM and XfinityXR11-20VoiceRemote devices using MX011AN_2.9p6s1_PROD_sey firmware, which is due to a lack of protection for the program",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9498"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9498",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19300",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117701",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"id": "VAR-201707-1024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
}
],
"trust": 1.5823529466666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
}
]
},
"last_update_date": "2025-04-20T23:30:54.840000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://corporate.comcast.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com/en_us.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-354",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-42.remote-ota.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9498"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9498"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"date": "2017-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-117701"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"date": "2017-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"date": "2017-07-31T03:29:00.940000",
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117701"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola MX011ANM and Xfinity XR11-20 Voice Remote Vulnerabilities related to authorization, authority, and access control in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
}
],
"trust": 0.6
}
}
VAR-201707-1023
Vulnerability from variot - Updated: 2025-04-20 23:29The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route. Motorola MX011ANM Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. An attacker with a physical location nearby can exploit the vulnerability to execute arbitrary code with root privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mx011anm",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": "eq",
"trust": 0.8,
"vendor": "motorola",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "mx011anm mx011an 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-220"
},
{
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:motorola:mx011anm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
}
]
},
"cve": "CVE-2017-9497",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9497",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-19301",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-117700",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-9497",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9497",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9497",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19301",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-220",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-117700",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"db": "VULHUB",
"id": "VHN-117700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-220"
},
{
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to execute arbitrary commands as root by pulling up the diagnostics menu on the set-top box, and then posting to a Web Inspector route. Motorola MX011ANM Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. An attacker with a physical location nearby can exploit the vulnerability to execute arbitrary code with root privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9497"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"db": "VULHUB",
"id": "VHN-117700"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9497",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-220",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19301",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117700",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"db": "VULHUB",
"id": "VHN-117700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-220"
},
{
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"id": "VAR-201707-1023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"db": "VULHUB",
"id": "VHN-117700"
}
],
"trust": 1.52352942
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19301"
}
]
},
"last_update_date": "2025-04-20T23:29:36.240000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com/en_us.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-41.root-command-execution.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9497"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9497"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"db": "VULHUB",
"id": "VHN-117700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-220"
},
{
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"db": "VULHUB",
"id": "VHN-117700"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-220"
},
{
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"date": "2017-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-117700"
},
{
"date": "2017-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"date": "2017-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-220"
},
{
"date": "2017-07-31T03:29:00.910000",
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19301"
},
{
"date": "2017-08-02T00:00:00",
"db": "VULHUB",
"id": "VHN-117700"
},
{
"date": "2017-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006529"
},
{
"date": "2017-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-220"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9497"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-220"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola MX011ANM Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006529"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-220"
}
],
"trust": 0.6
}
}
VAR-201707-1022
Vulnerability from variot - Updated: 2025-04-20 23:24The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to access an SNMP server by connecting a cable to the Ethernet port, and then establishing communication with the device's link-local IPv6 address. Motorola MX011ANM Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. An attacker with a physical location is available to access the SNMP server
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1022",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mx011anm",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": "eq",
"trust": 0.8,
"vendor": "motorola",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "mx011anm mx011an 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-221"
},
{
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:motorola:mx011anm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
}
]
},
"cve": "CVE-2017-9496",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9496",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-19302",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-117699",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-9496",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9496",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9496",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19302",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-221",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117699",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"db": "VULHUB",
"id": "VHN-117699"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-221"
},
{
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to access an SNMP server by connecting a cable to the Ethernet port, and then establishing communication with the device\u0027s link-local IPv6 address. Motorola MX011ANM Contains an access control vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. An attacker with a physical location is available to access the SNMP server",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9496"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"db": "VULHUB",
"id": "VHN-117699"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9496",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-221",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19302",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117699",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"db": "VULHUB",
"id": "VHN-117699"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-221"
},
{
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"id": "VAR-201707-1022",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"db": "VULHUB",
"id": "VHN-117699"
}
],
"trust": 1.52352942
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19302"
}
]
},
"last_update_date": "2025-04-20T23:24:59.572000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com/en_us.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-284",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117699"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-40.ethernet-snmp.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9496"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9496"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"db": "VULHUB",
"id": "VHN-117699"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-221"
},
{
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"db": "VULHUB",
"id": "VHN-117699"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-221"
},
{
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"date": "2017-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-117699"
},
{
"date": "2017-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"date": "2017-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-221"
},
{
"date": "2017-07-31T03:29:00.880000",
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19302"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117699"
},
{
"date": "2017-08-29T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006528"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-221"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-221"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola MX011ANM Access control vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006528"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-221"
}
],
"trust": 0.6
}
}
VAR-201707-1021
Vulnerability from variot - Updated: 2025-04-20 23:22The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing "EXIT, Down, Down, 2" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web Inspector script. Motorola MX011ANM Contains an information disclosure vulnerability.Information may be obtained. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. An attacker with a physical location nearby can exploit the vulnerability to read arbitrary files
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1021",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mx011anm",
"scope": "eq",
"trust": 2.4,
"vendor": "motorola",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "mx011anm mx011an 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-222"
},
{
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:motorola:mx011anm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
}
]
},
"cve": "CVE-2017-9495",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9495",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-19303",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-117698",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 0.9,
"id": "CVE-2017-9495",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9495",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9495",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19303",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-222",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-117698",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"db": "VULHUB",
"id": "VHN-117698"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-222"
},
{
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows physically proximate attackers to read arbitrary files by pressing \"EXIT, Down, Down, 2\" on an RF4CE remote to reach the diagnostic display, and then launching a Remote Web Inspector script. Motorola MX011ANM Contains an information disclosure vulnerability.Information may be obtained. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. An attacker with a physical location nearby can exploit the vulnerability to read arbitrary files",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9495"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"db": "VULHUB",
"id": "VHN-117698"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9495",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-222",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19303",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117698",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"db": "VULHUB",
"id": "VHN-117698"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-222"
},
{
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"id": "VAR-201707-1021",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"db": "VULHUB",
"id": "VHN-117698"
}
],
"trust": 1.52352942
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19303"
}
]
},
"last_update_date": "2025-04-20T23:22:19.343000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com/en_us.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117698"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-39.arbitrary-file-read.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9495"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9495"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"db": "VULHUB",
"id": "VHN-117698"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-222"
},
{
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"db": "VULHUB",
"id": "VHN-117698"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-222"
},
{
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"date": "2017-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-117698"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"date": "2017-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-222"
},
{
"date": "2017-07-31T03:29:00.833000",
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19303"
},
{
"date": "2017-08-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117698"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006605"
},
{
"date": "2017-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-222"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9495"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-222"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola MX011ANM Vulnerable to information disclosure",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006605"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-222"
}
],
"trust": 0.6
}
}
VAR-201707-1020
Vulnerability from variot - Updated: 2025-04-20 23:16The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. Motorola MX011ANM Contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. A remote attacker could exploit this vulnerability to open the RemoteWebInspector
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1020",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mx011anm",
"scope": "eq",
"trust": 2.4,
"vendor": "motorola",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "mx011anm",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "mx011anm mx011an 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-223"
},
{
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:motorola:mx011anm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
}
]
},
"cve": "CVE-2017-9494",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2017-9494",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-19305",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-117697",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9494",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9494",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9494",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19305",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-223",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117697",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"db": "VULHUB",
"id": "VHN-117697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-223"
},
{
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. Motorola MX011ANM Contains vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. MotorolaMX011ANM is a network set-top box device from Motorola, USA. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM using the firmware version MX011AN_2.9p6s1_PROD_sey. A remote attacker could exploit this vulnerability to open the RemoteWebInspector",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9494"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"db": "VULHUB",
"id": "VHN-117697"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9494",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-223",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19305",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117697",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"db": "VULHUB",
"id": "VHN-117697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-223"
},
{
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"id": "VAR-201707-1020",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"db": "VULHUB",
"id": "VHN-117697"
}
],
"trust": 1.52352942
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19305"
}
]
},
"last_update_date": "2025-04-20T23:16:00.784000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com/en_us.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-732",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-38.remote-web-inspector.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9494"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9494"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"db": "VULHUB",
"id": "VHN-117697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-223"
},
{
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"db": "VULHUB",
"id": "VHN-117697"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-223"
},
{
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"date": "2017-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-117697"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"date": "2017-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-223"
},
{
"date": "2017-07-31T03:29:00.800000",
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19305"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117697"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006604"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-223"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9494"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-223"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola MX011ANM Vulnerabilities related to authorization, permissions, and access control",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006604"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-223"
}
],
"trust": 0.6
}
}