3 matches found
Arris Routers Command Injection (CVE-2022-26990; CVE-2022-26991; CVE-2022-26992; CVE-2022-26993; CVE-2022-26994; CVE-2022-26995; CVE-2022-26996; CVE-2022-26997; CVE-2022-26998; CVE-2022-26999; CVE-2022-27000; CVE-2022-27001; CVE-2022-27002)
A command injection vulnerability exists in Arris Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-26995
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp wanpptp.html function via the pptpfixip, pptpfixmask, pptpfixgw, and wandns1stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
CVE-2022-26995
Arris TR3300 v1.0.13 is affected by a command injection vulnerability in the pptp function (pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, wan_dns1_stat) exposed via the pptp/wang_pptp.html endpoints. The issue arises from insufficient input validation, enabling an attacker to craft a request that exec...