CVE-2021-20120

The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes such as changing the administrative password without the consent of the user...

CVE-2021-20119

The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password...

CVE-2021-20119

The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password...

Default credentials

The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password...

CVE-2021-20119

The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password...

CVE-2021-20119

The CVE-2021-20119 vulnerability affects the Arris SurfBoard SB8200 (Docsis 3.1 modem). The password change utility lets an authenticated user bypass safety checks and change the administrator password, due to an access‑control issue in the password-change feature. Impact aligns with administrato...

CVE-2021-20120

The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes such as changing the administrative password without the consent of the user...

CVE-2021-20120

The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes such as changing the administrative password without the consent of the user...

Cross site request forgery (csrf)

The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes such as changing the administrative password without the consent of the user...

CVE-2021-20120

The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes such as changing the administrative password without the consent of the user...

CVE-2021-20120

The CVE-2021-20120 entry concerns the Arris Surfboard SB8200. The vulnerability arises from missing protections against cross-site request forgery (CSRF) in the device’s administration web interface, enabling an attacker to perform configuration changes (including password modifications) without ...

CommScope Arris Surfboard Sb8200 跨站请求伪造漏洞

The CommScope Arris Surfboard Sb8200 is a Docsis 3.1 modem from CommScope USA. The Arris Surfboard SB8200 suffers from a security vulnerability that stems from the lack of any protection against cross-site request forgery attacks in the software's administrative web interface. This means that an...