cve/CVE-2017-9485.md at 32646c20e71810932fbd5e08aba28eaca6211a4d

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-14 20:08:44 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to write arbitrary data to a known /var/tmp/sess_* pathname by leveraging the device's operation in UI dev mode.

POC

Reference

https://github.com/BastilleResearch/CableTap/blob/master/doc/advisories/bastille-28.session-cookie-write.txt

Github

No PoCs found on GitHub currently.

773 B Raw Blame History

CVE-2017-9485

Description

POC

Reference

Github

773 B

Raw Blame History