3 matches found
KLA10704 Multiple vulnerabilities in ARRIS cable modems.
Multiple serious vulnerabilities have been found in ARRIS cable modems. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities: 1. Predictable technician password can be exploited remotely to gain technician...
CVE-2009-5149
CVE-2009-5149 affects ARRIS DG860A, TG862A and TG862G cable modems with firmware TS0703128_100611 through TS0705125D_031115. The issue is a predictable technician password (“password of the day”) that can be exploited remotely to gain access via the web management interface. CERT/CC details furth...
ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities
Overview Multiple models of ARRIS cable modems contain multiple, deterministically generated backdoor passwords, as well as multiple cross-site scripting XSS and cross-site request forgery CSRF vulnerabilities. Description CWE-255: Credentials Management - CVE-2009-5149The 'password of the day'...