3 matches found
Arris Routers Command Injection (CVE-2022-26990; CVE-2022-26991; CVE-2022-26992; CVE-2022-26993; CVE-2022-26994; CVE-2022-26995; CVE-2022-26996; CVE-2022-26997; CVE-2022-26998; CVE-2022-26999; CVE-2022-27000; CVE-2022-27001; CVE-2022-27002)
A command injection vulnerability exists in Arris Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-26992
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands...
CVE-2022-26992
CVE-2022-26992 affects Arris SBR-AC1900P, SBR-AC3200P, and SBR-AC1200P. The vulnerability is a command injection in the ddns function, exploitable via DdnsUserName, DdnsHostName, and DdnsPassword parameters. Root cause stated in connected sources as improper filtering of certain characters in the...