Design/Logic Flaw

2020-03-0419:15:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.1%

JSON

ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding.

CPENameOperatorVersion
arris_tg1692a_firmwareeq9.1.103-de2

CPE	Name	Operator	Version
	arris_tg1692a_firmware	eq	9.1.103-de2

References

arris.secure.force.com/consumers/ConsumerProductSupport

medium.com/%40rsantos_14778/info-disclosure-cve-2020-9476-494a08298c6b