Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Arris Subscribe
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45028 1 Arris 2 Nvg443b, Nvg443b Firmware 2022-12-15 N/A 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.
CVE-2022-31793 2 Arris, Inglorion 13 Bgw210, Bgw210 Firmware, Bgw320 and 10 more 2022-08-11 N/A 7.5 HIGH
do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected.
CVE-2022-26990 1 Arris 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more 2022-03-22 7.5 HIGH 9.8 CRITICAL
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the firewall-local log function via the EmailAddress, SmtpServerName, SmtpUsername, and SmtpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-26991 1 Arris 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more 2022-03-22 7.5 HIGH 9.8 CRITICAL
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-26992 1 Arris 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more 2022-03-22 7.5 HIGH 9.8 CRITICAL
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-26993 1 Arris 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more 2022-03-22 7.5 HIGH 9.8 CRITICAL
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoe_Service parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2022-26994 1 Arris 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more 2022-03-22 7.5 HIGH 9.8 CRITICAL
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pptp function via the pptpUserName and pptpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVE-2018-20383 2 Arris, Commscope 4 Dg950s Firmware, Arris Dg950a, Arris Dg950a Firmware and 1 more 2021-09-13 5.0 MEDIUM 9.8 CRITICAL
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
CVE-2020-8438 1 Arris 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware 2020-01-31 9.0 HIGH 7.2 HIGH
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring.
CVE-2007-2796 1 Arris 1 Cadant C3 Cmts 2018-10-16 7.8 HIGH N/A
Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option.
CVE-2017-14116 2 Arris, Att 2 Nvg599, U-verse Firmware 2017-09-13 9.3 HIGH 8.1 HIGH
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 and then installing new software, such as BusyBox with "nc -l" support.
CVE-2017-14117 2 Arris, Att 3 Nvg589, Nvg599, U-verse Firmware 2017-09-13 4.3 MEDIUM 5.9 MEDIUM
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01 followed by other predictable values.
CVE-2017-9490 2 Arris, Cisco 4 Tg1682g, Tg1682g Firmware, Dpc3939b and 1 more 2017-08-08 6.8 MEDIUM 8.8 HIGH
The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF.
CVE-2015-7289 1 Arris 4 Dg860a, Na Model 862 Gw Mono Firmware, Tg862a and 1 more 2015-11-23 9.3 HIGH N/A
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP.
CVE-2015-7290 1 Arris 4 Dg860a, Na Model 862 Gw Mono Firmware, Tg862a and 1 more 2015-11-23 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter.
CVE-2009-5149 1 Arris 4 Dg860a, Na Model 862 Gw Mono Firmware, Tg862a and 1 more 2015-11-23 4.3 MEDIUM N/A
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a "password of the day" issue.
CVE-2015-7291 1 Arris 4 Dg860a, Na Model 862 Gw Mono Firmware, Tg862a and 1 more 2015-11-23 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2014-9406 1 Arris 2 Touchstone Tg862g\/ct, Touchstone Tg862g\/ct Firmware 2014-12-18 10.0 HIGH N/A
ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to home_loggedout.php.
CVE-2014-5438 1 Arris 2 Touchstone Tg862g\/ct, Touchstone Tg862g\/ct Firmware 2014-12-18 3.5 LOW N/A
Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php.
CVE-2014-5437 1 Arris 2 Touchstone Tg862g\/ct, Touchstone Tg862g\/ct Firmware 2014-12-18 6.8 MEDIUM N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php, (2) add a port forwarding rule via a request to port_forwarding_add.php, (3) change the wireless network to open via a request to wireless_network_configuration_edit.php, or (4) conduct cross-site scripting (XSS) attacks via the keyword parameter to managed_sites_add_keyword.php.