KLA10704
Multiple vulnerabilities in ARRIS cable modems.
Detect date
?
|
12/03/2015 |
Severity
?
|
Critical |
Description
|
Multiple serious vulnerabilities have been found in ARRIS cable modems. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities:
Technical details Vulnerabilities (2, 3) related to adv_pwd_cgi. Vulnerability (4) caused by hardcoded administrators password derived from serial number. |
Affected products
|
Arris devices DG860A, TG862A, and TG862G with firmware versions from TS0703128_100611 through TS0705125D_031115 |
Solution
|
Try to avoid using this accessory in accountable issues. |
Original advisories
|
|
Impacts
?
|
CI [?] PE [?] |
CVE-IDS
?
|
|