Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arris vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-25729
Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet.)
890
VMScore
CVE-2022-26999
Arris TR3300 v1.0.13 exists to contain a command injection vulnerability in the static ip settings function via the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters. This vulnerability allows malicious users to execute arbitrary commands via a crafted request...
Commscope Arris Tr3300 Firmware 1.0.13
890
VMScore
CVE-2022-27000
Arris TR3300 v1.0.13 exists to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. This vulnerability allows malicious users to execute arbitrary commands via a crafted request...
Commscope Arris Tr3300 Firmware 1.0.13
605
VMScore
CVE-2021-20120
The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes (such as changing the administrative password) without the consent of the user.
Commscope Arris Surfboard Sb8200 Firmware Ab01.02.053.01 112320 193.0a.nsh
668
VMScore
CVE-2019-15805
CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. Any user connected to the Wi-Fi can expl...
Commscope Tr4400 Firmware
668
VMScore
CVE-2019-15806
CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html. Any user connected to the Wi-Fi can...
Commscope Tr4400 Firmware
470
VMScore
CVE-2017-14117
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote malicious users to establish arbitrary TCP connections to intranet hosts ...
Att U-verse Firmware 9.2.2h0d83
296
VMScore
CVE-2017-9476
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_...
Cisco Dpc3939 Firmware Dpc3939-p20-18-v303r20421746-170221a-cmcst
Cisco Dpc3939 Firmware Dpc3939-p20-18-v303r20421733-160420a-cmcst
Commscope Arris Tg1682g Firmware 10.0.132.sip.pc20.ct
Commscope Arris Tg1682g Firmware Tg1682 2.2p7s2 Prod Sey
6 Github repositories
828
VMScore
CVE-2017-14116
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote malicious users to obtain root privileges by establishing...
Att U-verse Firmware 9.2.2h0d83
828
VMScore
CVE-2017-14115
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote malicious users to access a "Termin...
Att U-verse Firmware 9.2.2h0d83
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »