VAR-201707-1024
Vulnerability from variot - Updated: 2025-04-20 23:30The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware. Motorola MX011ANM and Xfinity XR11-20 Voice Remote Devices have vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. MotorolaMX011ANM is a network set-top box device from Motorola, USA. The XfinityXR11-20VoiceRemote is a voice remote control device. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM and XfinityXR11-20VoiceRemote devices using MX011AN_2.9p6s1_PROD_sey firmware, which is due to a lack of protection for the program
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201707-1024",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "mx011anm",
"scope": "eq",
"trust": 2.4,
"vendor": "motorola",
"version": "mx011an_2.9p6s1_prod_sey"
},
{
"model": "xfinity xr11-20",
"scope": "eq",
"trust": 1.0,
"vendor": "comcast",
"version": null
},
{
"model": "xfinity xr11-20",
"scope": null,
"trust": 0.8,
"vendor": "comcast",
"version": null
},
{
"model": "mx011anm 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
},
{
"model": "mx011anm mx011an 2.9p6s1 prod sey",
"scope": null,
"trust": 0.6,
"vendor": "motorola",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:comcast:xfinity_xr11-20_firmware",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:motorola:mx011anm_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
}
]
},
"cve": "CVE-2017-9498",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2017-9498",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CNVD-2017-19300",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "VHN-117701",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 1.8,
"id": "CVE-2017-9498",
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2017-9498",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2017-9498",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2017-19300",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201706-219",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-117701",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving digital signatures for the firmware. Motorola MX011ANM and Xfinity XR11-20 Voice Remote Devices have vulnerabilities related to authorization, permissions, and access control.Information may be tampered with. MotorolaMX011ANM is a network set-top box device from Motorola, USA. The XfinityXR11-20VoiceRemote is a voice remote control device. Comcast is a firmware developed by Comcast, Inc., which runs on devices such as gateways and modems. A security vulnerability exists in the Comcast firmware in the MotorolaMX011ANM and XfinityXR11-20VoiceRemote devices using MX011AN_2.9p6s1_PROD_sey firmware, which is due to a lack of protection for the program",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-9498"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-9498",
"trust": 3.1
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2017-19300",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-117701",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"id": "VAR-201707-1024",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
}
],
"trust": 1.5823529466666666
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
}
]
},
"last_update_date": "2025-04-20T23:30:54.840000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://corporate.comcast.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.motorolasolutions.com/en_us.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-354",
"trust": 1.1
},
{
"problemtype": "CWE-264",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "https://github.com/bastilleresearch/cabletap/blob/master/doc/advisories/bastille-42.remote-ota.txt"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9498"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9498"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"db": "VULHUB",
"id": "VHN-117701"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"date": "2017-07-31T00:00:00",
"db": "VULHUB",
"id": "VHN-117701"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"date": "2017-06-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"date": "2017-07-31T03:29:00.940000",
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-08-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-19300"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-117701"
},
{
"date": "2017-08-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-006606"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201706-219"
},
{
"date": "2025-04-20T01:37:25.860000",
"db": "NVD",
"id": "CVE-2017-9498"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Motorola MX011ANM and Xfinity XR11-20 Voice Remote Vulnerabilities related to authorization, authority, and access control in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-006606"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control issues",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201706-219"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…