Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
comcast vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-9475
Comcast XFINITY WiFi Home Hotspot devices allow remote malicious users to spoof the identities of Comcast customers via a forged MAC address.
Comcast Xfinity Wifi Hotspot -
NA
CVE-2022-45938
An issue exists in Comcast Defined Technologies microeisbss up to and including 2021. An attacker can inject a stored XSS payload in the Device ID field under Inventory Management to achieve Remote Code Execution and privilege escalation..
Xfinity Comcast Defined Technologies Microeisbss
3.3
CVSSv2
CVE-2016-2398
Comcast XFINITY Home Security System does not properly maintain base-station communication, which allows physically proximate malicious users to defeat sensor functionality by interfering with ZigBee 2.4 GHz transmissions.
Comcast Xfinity Home Security System
2.1
CVSSv2
CVE-2017-9498
The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) and Xfinity XR11-20 Voice Remote devices allows local users to upload arbitrary firmware images to an XR11 by leveraging root access. In other words, there is no protection mechanism involving d...
Motorola Mx011anm Firmware Mx011an 2.9p6s1 Prod Sey
Comcast Xfinity Xr11-20 Firmware -
5.4
CVSSv2
CVE-2014-5747
The XFINITY Constant Guard Mobile (aka com.whitesky.mobile.android) application 3.1.140603 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
Comcast Xfinity Constant Guard Mobile 3.1.140603
6.8
CVSSv2
CVE-2011-0886
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware prior to 1.4.0.49.2 allow remote malicious users to (1) hijack the intranet connectivity of arbitrary users for requests that perform...
Smc Networks Smcd3g-ccr
Smc Networks Smcd3g-ccr Firmware
Smc Networks Smcd3g-ccr Firmware 1.4.0.42
1 EDB exploit
4.3
CVSSv2
CVE-2011-0887
The web management portal on the SMC SMCD3G-CCR (aka Comcast Business Gateway) with firmware prior to 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote malicious users to hijack sessions via a brute-force attack on the userid cookie.
Smc Networks Smcd3g-ccr
Smc Networks Smcd3g-ccr Firmware 1.4.0.42
1 EDB exploit
10
CVSSv2
CVE-2011-0885
A certain Comcast Business Gateway configuration of the SMC SMCD3G-CCR with firmware prior to 1.4.0.49.2 has a default password of D0nt4g3tme for the mso account, which makes it easier for remote malicious users to obtain administrative access via the (1) web interface or (2) TEL...
Smc Networks Smcd3g-ccr
Smc Networks Smcd3g-ccr Firmware 1.4.0.42
Smc Networks Smcd3g-ccr Firmware
1 EDB exploit
5
CVSSv2
CVE-2013-7091
Directory traversal vulnerability in /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz in Zimbra 7.2.2 and 8.0.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in the skin parameter. NOTE: this can be leveraged to execute arbit...
Synacor Zimbra Collaboration Suite 6.0.0
Synacor Zimbra Collaboration Suite 6.0.2
Synacor Zimbra Collaboration Suite 6.0.3
Synacor Zimbra Collaboration Suite 6.0.1
Synacor Zimbra Collaboration Suite 6.0.10
Synacor Zimbra Collaboration Suite 6.0.12
Synacor Zimbra Collaboration Suite 6.0.4
Synacor Zimbra Collaboration Suite 6.0.5
Synacor Zimbra Collaboration Suite 6.0.13
Synacor Zimbra Collaboration Suite 6.0.14
Synacor Zimbra Collaboration Suite 6.0.6
Synacor Zimbra Collaboration Suite 6.0.7
Synacor Zimbra Collaboration Suite 6.0.15
Synacor Zimbra Collaboration Suite 6.0.16
Synacor Zimbra Collaboration Suite 6.0.8
Synacor Zimbra Collaboration Suite 6.0.9
2 EDB exploits
1 Nmap script
1 Github repository
1 Article
6.8
CVSSv2
CVE-2017-9489
The Comcast firmware on Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST) devices allows configuration changes via CSRF.
Cisco Dpc3939b Firmware Dpc3939b-v303r204217-150321a-cmcst
Commscope Arris Tg1682g Firmware 10.0.132.sip.pc20.ct
Commscope Arris Tg1682g Firmware Tg1682 2.2p7s2 Prod Sey
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »