11 matches found
CVE-2014-9406
ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to homeloggedout.php...
Default credentials
ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to homeloggedout.php...
CVE-2014-9406
CVE-2014-9406 affects the ARRIS Touchstone TG862G/CT Telephony Gateway (firmware 7.6.59S.CT and earlier). The underlying issue is a default admin password of 'password' , which allows remote attackers to gain access via a request to home_loggedout.php. The entry documents a network-accessible, hi...
CVE-2014-9406
ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to homeloggedout.php...
CVE-2014-5438
Cross-site scripting XSS vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computername parameter to connecteddevicescomputersedit.php...
CVE-2014-5437
Multiple cross-site request forgery CSRF vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 enable remote management via a request to remotemanagement.php, 2...
CVE-2014-5437
Multiple cross-site request forgery CSRF vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 enable remote management via a request to remotemanagement.php, 2...
CVE-2014-5437
CVE-2014-5437 affects Arris Touchstone TG862G/CT Telephony Gateway (firmware 7.6.59S.CT and earlier). Reported CSRF vulnerabilities allow remote attackers to hijack administrator authentication to perform admin actions via requests to remote_management.php (enable remote management), port_forward...
CVE-2014-5438
Cross-site scripting XSS vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computername parameter to connecteddevicescomputersedit.php...
CVE-2014-5438
CVE-2014-5438 affects ARRIS Touchstone TG862G/CT Telephony Gateway (firmware 7.6.59S.CT and earlier). The vulnerability is a cross-site scripting (XSS) flaw in connected_devices_computers_edit.php, exploitable via the computer_name parameter. Post-authentication remote vectors are demonstrated wi...
Arris Touchstone TG862G/CT Cross Site Request Forgery
----------- Vendor: ----------- Arris Interactive, LLC http://www.arrisi.com/ ISP: Comcast Xfinity ----------------------------------------- Affected Products/Versions: ----------------------------------------- HW: Arris Touchstone TG862G/CT Xfinity branded SW: Version 7.6.59S.CT Tested...