Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time
Bastille Tracking Number 29
CVE-2017-9486
Overview
A vulnerability has been discovered that enables an attacker to generate the password-of-the-day needed login to a target gateway over SSH.
Affected Platforms
Cisco DPC3939, firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST
Proof-of-Concept
Comcast gateways use a POTD (password-of-the-day) to authenticate SSH/CLI sessions.
An attacker can generate a list of POTDs.
Test Environment
Cisco DPC3939, firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST
Mitigation
There is no apparent mechanism to allow Comcast customers to control or change this behavior.
Recommended Remediation
Move to certificate-based authentication.
Credits
Marc Newlin and Logan Lamb, Bastille
Chris Grayson, Web Sight.IO