Lucene search
K

4 matches found

CNVD
CNVD
added 2018/05/16 12:0 a.m.4 views

Arris Touchstone Telephony Gateway TG1682G Privileged Access Vulnerability

The Arris Touchstone Telephony Gateway TG1682G is an all-in-one Modem modem router from the Arris Group of Companies. A security vulnerability exists in the Arris Touchstone Telephony Gateway TG1682G version 9.1.103J6, which stems from a logout operation that fails to immediately clear all state ...

8CVSS8AI score0.01073EPSS
Exploits0References1
Prion
Prion
added 2018/05/14 2:29 p.m.19 views

Design/Logic Flaw

On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time e.g., "at least for a few minutes"...

7.5CVSS7.6AI score0.01073EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/05/14 2:29 p.m.16 views

Default credentials

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by...

3.5CVSS6.8AI score0.01393EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/05/14 2:0 p.m.22 views

CVE-2018-10989

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by...

6.8AI score0.01393EPSS
Exploits0References1
Rows per page
Query Builder