CVE-2023-27572

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. A reflected XSS vulnerability was discovered in the httpsredirect.php web page via the page parameter...

CVE-2023-27571

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. The troubleshootinglogsdownload.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files...

CVE-2023-27571

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. The troubleshootinglogsdownload.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files...

CVE-2023-27571

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. The troubleshootinglogsdownload.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files...

Cross site scripting

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. A reflected XSS vulnerability was discovered in the httpsredirect.php web page via the page parameter...

Design/Logic Flaw

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. The troubleshootinglogsdownload.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files...

ARRIS DG3450 访问控制错误漏洞

The ARRIS DG3450 is a cable gateway from ARRIS America. A security vulnerability exists in the ARRIS DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10 version, which stems from the log file download feature not checking for session cookies.An attacker can exploit this vulnerability to download...

CVE-2023-27571

CVE-2023-27571 affects Arris DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The vulnerability is due to the troubleshooting_logs_download.php log file download function not checking the session cookie, enabling an attacker to download all log files. Documents confirm affected software/ver...

CVE-2023-27571

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. The troubleshootinglogsdownload.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files...

CVE-2023-27571

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. The troubleshootinglogsdownload.php log file download functionality does not check the session cookie. Thus, an attacker can download all log files...

CVE-2023-27572

An issue was discovered in CommScope Arris DG3450 Cable Gateway AR01.02.056.18041520711.NCS.10. A reflected XSS vulnerability was discovered in the httpsredirect.php web page via the page parameter...

PT-2023-21216 · Commscope · Arris Dg3450 Cable Gateway

Name of the Vulnerable Software and Affected Versions: CommScope Arris DG3450 Cable Gateway version AR01.02.056.18 041520 711.NCS.10 Description: A reflected XSS issue was discovered in the "https redirect.php" web page via the page parameter. This allows for potential malicious script execution...

ARRIS DG3450 跨站脚本漏洞

The ARRIS DG3450 is a cable gateway from ARRIS America. The ARRIS DG3450 Cable Gateway suffers from a cross-site scripting vulnerability that stems from the presence of a reflective cross-site scripting vulnerability, which can be exploited by an attacker to execute arbitrary JavaScript code in t...

Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: Arris DG3450 Cable Gateway vulnerable version: AR01.02.056.18041520711.NCS.10 fixed version: - CVE number: CVE-2023-27571, CVE-2023-2757...

Arris DG3450 AR01.02.056.18_041520_711.NCS.10 XSS / Missing Authentication Vulnerabilities

Arris DG3450 cable gateway version AR01.02.056.18041520711.NCS.10 suffers from cross site scripting and missing authentication vulnerabilities. ======================================================================= title: Multiple Vulnerabilities product: Arris DG3450 Cable Gateway vulnerable...