Published: 19/06/2014 Updated: 23/08/2021

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in goform/RgDdns in ARRIS (formerly Motorola) SBG901 SURFboard Wireless Cable Modem allow remote malicious users to hijack the authentication of administrators for requests that (1) change the dns service via the DdnsService parameter, (2) change the username via the DdnsUserName parameter, (3) change the password via the DdnsPassword parameter, or (4) change the host name via the DdnsHostName parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
commscope arris sbg901 -

Exploit Title : Motorola SBG901 Wireless Modem CSRF Vulnerability Google dork : N/A Exploit Author: Blessen Thomas Date : 06/01/2014 Vendor Homepage : wwwarrisicom/modems/ Software Link : N/A Version : Motorola SBG901 Wireless modem Tested on : Windows 7 CVE : CVE-2014-3778 Type of Application : Web application Release mode : Coordinated ...

Motorola SBG901 wireless modem suffers from a cross site request forgery vulnerability ...

CWE-352 http://www.exploit-db.com/exploits/33792 https://nvd.nist.gov https://www.exploit-db.com/exploits/33792/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-3778

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect