Skip to content
Permalink
master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time
Bastille Tracking Number 38
CVE-2017-9494
Overview
The Motorola MX011ANM set-top box includes a Remote Web Inspector that is accessible from the public Internet.
Affected Platforms
Motorola MX011ANM, firmware version MX011AN_2.9p6s1_PROD_sey
Proof-of-Concept
The Remote Web Inspector service on the Motorola MX011ANM can be enabled by the end user.
Test Environment
Motorola MX011ANM, firmware version MX011AN_2.9p6s1_PROD_sey
Mitigation
There is no apparent mechanism to allow Comcast customers to change this behavior.
Recommended Remediation
Restrict access to the Remote Web Inspector.
Credits
Marc Newlin and Logan Lamb, Bastille
Chris Grayson, Web Sight.IO