Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-2438

Malware in sbrugna...

8.1CVSS8.2AI score0.02777EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2017-5627

Malware in sbrugna...

9.3CVSS8.1AI score0.04378EPSS
Exploits1References4
CNVD
CNVD
added 2017/09/06 12:0 a.m.4 views

Arris NVG589 and NVG599 AT&T U-verse Command Injection Vulnerabilities

The Arris NVG589 and NVG599 are both router products from the Arris Group of Companies in the U.S. The AT&T U-verse is the firmware used in... A security vulnerability exists in the AT&T U-verse version 9.2.2h0d83 in the Arris NVG589 and NVG599. A remote attacker can exploit the vulnerability by...

9.3CVSS8.5AI score0.04378EPSS
Exploits1References1
CNVD
CNVD
added 2017/09/06 12:0 a.m.5 views

Arris NVG589 and NVG599 AT&T U-verse Authentication Vulnerabilities

The Arris NVG589 and NVG599 are both router products from the Arris Group of Companies in the U.S. The AT&T U-verse is the firmware used in... A security vulnerability exists in the AT&T U-verse version 9.2.2h0d83 in the Arris NVG589 and NVG599. A remote attacker could exploit this vulnerability ...

5.9CVSS6.3AI score0.08024EPSS
Exploits1References1
CNVD
CNVD
added 2017/09/06 12:0 a.m.5 views

Arris NVG589 and NVG599 AT&T U-verse Information Disclosure Vulnerabilities

The Arris NVG589 and NVG599 are both router products from the Arris Group of Companies in the U.S. The AT&T U-verse is the firmware used in... A security vulnerability exists in the AT&T U-verse version 9.2.2h0d83 in the Arris NVG589 and NVG599. A remote attacker could exploit the vulnerability t...

8.1CVSS8AI score0.02777EPSS
Exploits1References1
Prion
Prion
added 2017/09/03 7:29 p.m.19 views

Design/Logic Flaw

The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and unspecified other devices, when IP Passthrough mode is not used, configures an sbdc.ha WAN TCP service on port 61001 with the bdctest account and the bdctest password, which allows remote attackers to obtain sensitive...

4.3CVSS7.8AI score0.02777EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2017/09/03 7:29 p.m.20 views

CVE-2017-14117

The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...

5.9CVSS6AI score0.08024EPSS
Exploits1References3
Prion
Prion
added 2017/09/03 7:29 p.m.16 views

Code injection

The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...

4.3CVSS6AI score0.08024EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2017/09/03 7:0 p.m.22 views

CVE-2017-14117

The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...

6.7AI score0.08024EPSS
Exploits1References3
Cvelist
Cvelist
added 2017/09/03 7:0 p.m.27 views

CVE-2017-10793

The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and unspecified other devices, when IP Passthrough mode is not used, configures an sbdc.ha WAN TCP service on port 61001 with the bdctest account and the bdctest password, which allows remote attackers to obtain sensitive...

7.9AI score0.02777EPSS
Exploits1References3
CVE
CVE
added 2017/09/03 7:0 p.m.71 views

CVE-2017-14115

The CVE-2017-14115 entry concerns AT&T U-verse firmware 9.2.2h0d83 on Arris NVG589/NVG599. The flaw arises when IP Passthrough is not used, configuring ssh-permanent-enable WAN SSH logins for the remotessh account with password 5SaP9I26. An attacker establishing an SSH session can trigger a Termi...

9.3CVSS8.1AI score0.04378EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder