CVE-2017-14116
The CVE describes a remote‑code‑execution path in AT&T U‑verse firmware 9.2.2h0d83 for the Arris NVG599. When IP Passthrough is not used, WAN access to a caserver https service is configured with the tech account and an empty password, enabling an attacker to start a session on port 49955 and ins...