10 matches found
Multiple ARRIS product command injection vulnerabilities
ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS, Inc. Multiple ARRIS products are vulnerable to a command injection vulnerability, which stems from the DdnsUserName, DdnsHostName, and DdnsPassword parameters in the ddns function failing to properly filter the construct...
CVE-2022-26990
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the firewall-local log function via the EmailAddress, SmtpServerName, SmtpUsername, and SmtpPassword parameters. This vulnerability allows attackers...
CVE-2022-26991
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2022-26993
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoeService parameters. This vulnerability allows attackers to execute arbitrary...
CVE-2022-26992
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands...
CVE-2022-26993
CVE-2022-26993 affects ARRIS SBR-AC1900P (1.0.7-B05), SBR-AC3200P (1.0.7-B05), and SBR-AC1200P (1.0.5-B05). A command-injection vulnerability exists in the pppoe function exploitable via the pppoeUserName, pppoePassword, and pppoe_Service parameters, enabling arbitrary command execution through a...
CVE-2022-26990
Arris SBR-AC1900P (1.0.7-B05), SBR-AC3200P (1.0.7-B05) and SBR-AC1200P (1.0.5-B05) are affected by a command-injection vulnerability in the firewall-local log function, exploitable via EmailAddress, SmtpServerName, SmtpUsername and SmtpPassword. The issue allows arbitrary commands to be executed ...
CVE-2022-26991
CVE-2022-26991 concerns Arris routers SBR-AC1900P (1.0.7-B05), SBR-AC3200P (1.0.7-B05) and SBR-AC1200P (1.0.5-B05). A command-injection in the ntp function via the TimeZone parameter allows an attacker to execute arbitrary commands through a crafted request. Public sources consistently describe i...
ARRIS SBR-AC1900P和ARRIS SBR-AC3200P 操作系统命令注入漏洞
ARRIS SBR-AC1900P, SBR-AC3200P and SBR-AC1200P is a Wi-Fi router from ARRIS USA. Multiple ARRIS products command injection vulnerability, which stems from the firewall local logging feature failing to properly filter constructed command special characters, commands, etc. An attacker could exploit...
PT-2022-18167 · Arris · Sbr-Ac1900P +2
Name of the Vulnerable Software and Affected Versions: Arris routers SBR-AC1900P version 1.0.7-B05 Arris routers SBR-AC3200P version 1.0.7-B05 Arris routers SBR-AC1200P version 1.0.5-B05 Description: A command injection issue was discovered in the ntp function via the TimeZone parameter, allowing...