Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arris vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-9476
ARRIS TG1692A devices allow remote malicious users to discover the administrator login name and password by reading the /login page and performing base64 decoding.
Commscope Arris Tg1692a Firmware 9.1.103de2
9.8
CVSSv3
CVE-2024-23618
An arbitrary code execution vulnerability exists in Arris SURFboard SGB6950AC2 devices. An unauthenticated attacker can exploit this vulnerability to achieve code execution as root.
Commscope Arris Surfboard Sbg6950ac2 Firmware -
9.8
CVSSv3
CVE-2018-20386
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote malicious users to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Commscope Arris Sbg6580-2 Firmware D30gw-seaeagle-1.5.2.5-ga-00-nosh
7.1
CVSSv3
CVE-2021-20119
The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password.
Commscope Arris Surfboard Sb8200 Firmware Ab01.02.053.01 112320 193.0a.nsh
9.8
CVSSv3
CVE-2022-26997
Arris TR3300 v1.0.13 exists to contain a command injection vulnerability in the upnp function via the upnp_ttl parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
Commscope Arris Tr3300 Firmware 1.0.13
9.8
CVSSv3
CVE-2022-27001
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
Commscope Arris Tr3300 Firmware 1.0.13
9.8
CVSSv3
CVE-2022-26998
Arris TR3300 v1.0.13 exists to contain a command injection vulnerability in the wps setting function via the wps_enrolee_pin parameter. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
Commscope Arris Tr3300 Firmware 1.0.13
9.8
CVSSv3
CVE-2022-26996
Arris TR3300 v1.0.13 exists to contain a command injection vulnerability in the pppoe function via the pppoe_username, pppoe_passwd, and pppoe_servicename parameters. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
Commscope Arris Tr3300 Firmware 1.0.13
9.8
CVSSv3
CVE-2022-27002
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns?ddns_host parameters. This vulnerability allows malicious users to execute arbitrary commands via a crafted request.
Commscope Arris Tr3300 Firmware 1.0.13
9.8
CVSSv3
CVE-2022-26995
Arris TR3300 v1.0.13 exists to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, and wan_dns1_stat parameters. This vulnerability allows malicious users to execute arbitrary commands via a crafted reque...
Commscope Arris Tr3300 Firmware 1.0.13
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »