The ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS, Inc. A command injection vulnerability exists in the ARRIS TR3300, which stems from the failure of the wan_ip_stat, wan_mask_stat, wan_gw_stat, and wan_dns1_stat parameters in the ip function to properly filter the construct command special characters, commands, etc. An attacker could exploit this vulnerability to cause arbitrary command execution.
CPE | Name | Operator | Version |
---|---|---|---|
ARRIS TR3300 v | eq | 1.0.13 |