Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arris vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-45028
A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows malicious users to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.
Arris Nvg443b Firmware 9.3.0h3d36
NA
CVE-2014-8425
The management portal in ARRIS VAP2500 before FW08.41 allows remote malicious users to obtain credentials by reading the configuration files.
Arris Vap2500 Firmware
1 EDB exploit
NA
CVE-2007-2796
Arris Cadant C3 CMTS allows remote malicious users to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option.
Arris Cadant C3 Cmts
NA
CVE-2014-9406
ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and previous versions has a default password of password for the admin account, which makes it easier for remote malicious users to obtain access via a request to home_loggedout.php.
Arris Touchstone Tg862g\\/ct Firmware 7.6.59s.ct
9.8
CVSSv3
CVE-2018-20383
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote malicious users to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Commscope Arris Dg950a Firmware 7.10.145
Arris Dg950s Firmware 7.10.145.euro
6.1
CVSSv3
CVE-2017-16836
Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.
Commscope Arris Tg1682g Firmware 10.0.59.sip.pc20.ct
1 EDB exploit
8.8
CVSSv3
CVE-2022-45701
Arris TG2482A firmware up to and including 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
Commscope Arris Tg2482a Firmware
Commscope Arris Tg2492 Firmware
Commscope Arris Sbg10 Firmware
1 Github repository
6.1
CVSSv3
CVE-2023-27572
An issue exists in CommScope Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. A reflected XSS vulnerability exists in the https_redirect.php web page via the page parameter.
Commscope Dg3450 Firmware Ar01.02.056.18 041520 711.ncs.10
5.3
CVSSv3
CVE-2023-27571
An issue exists in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The troubleshooting_logs_download.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files.
Commscope Dg3450 Firmware Ar01.02.056.18 041520 711.ncs.10
7.5
CVSSv3
CVE-2018-17555
The web component on ARRIS TG2492LG-NA 061213 devices allows remote malicious users to obtain sensitive information via the /snmpGet oids parameter.
Commscope Arris Tg2492lg-na Firmware 061213
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
command injection
CVE-2021-47511
CVE-2024-26238
CVE-2024-4858
CVE-2024-21305
XXE
CVE-2021-47555
CVE-2021-47526
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »