Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arris vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-8423
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote malicious users to execute arbitrary commands via unknown vectors.
Arris Vap2500 Firmware
1 EDB exploit
NA
CVE-2014-8424
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote malicious users to bypass authentication.
Arris Vap2500 Firmware
1 EDB exploit
NA
CVE-2014-9406
ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and previous versions has a default password of password for the admin account, which makes it easier for remote malicious users to obtain access via a request to home_loggedout.php.
Arris Touchstone Tg862g\\/ct Firmware 7.6.59s.ct
NA
CVE-2007-2796
Arris Cadant C3 CMTS allows remote malicious users to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option.
Arris Cadant C3 Cmts
9.8
CVSSv3
CVE-2018-20383
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote malicious users to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Commscope Arris Dg950a Firmware 7.10.145
Arris Dg950s Firmware 7.10.145.euro
8.8
CVSSv3
CVE-2022-45701
Arris TG2482A firmware up to and including 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
Commscope Arris Tg2482a Firmware
Commscope Arris Tg2492 Firmware
Commscope Arris Sbg10 Firmware
1 Github repository
6.1
CVSSv3
CVE-2017-16836
Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.
Commscope Arris Tg1682g Firmware 10.0.59.sip.pc20.ct
1 EDB exploit
5.3
CVSSv3
CVE-2023-27571
An issue exists in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files.
Commscope Dg3450 Firmware Ar01.02.056.18 041520 711.ncs.10
6.1
CVSSv3
CVE-2023-27572
An issue exists in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability exists in the https_redirect.php web page via the page parameter.
Commscope Dg3450 Firmware Ar01.02.056.18 041520 711.ncs.10
7.5
CVSSv3
CVE-2018-17555
The web component on ARRIS TG2492LG-NA 061213 devices allows remote malicious users to obtain sensitive information via the /snmpGet oids parameter.
Commscope Arris Tg2492lg-na Firmware 061213
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »