[SECURITY] Fedora 43 Update: nanovna-saver-0.7.3-8.fc43

A multiplatform tool to save Touchstone files from the NanoVNA, sweep frequency spans in segments to gain more than 101 data points, and generally display and analyze the resulting data...

EUVD-2014-9227

Malware in sbrugna...

EUVD-2018-3040

Malware in sbrugna...

EUVD-2014-5326

Malware in sbrugna...

Arris Touchstone TG1672 Credential Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ================================================================================ Title: Arris Touchstone TG1672 Administrative Login Vulnerabilities Product: Arris Touchstone TG1672 Version: TS0901103AS09221616XX.GWSIP most likely other versions...

Arris Touchstone Telephony Gateway TG1682G Privileged Access Vulnerability

The Arris Touchstone Telephony Gateway TG1682G is an all-in-one Modem modem router from the Arris Group of Companies. A security vulnerability exists in the Arris Touchstone Telephony Gateway TG1682G version 9.1.103J6, which stems from a logout operation that fails to immediately clear all state ...

Design/Logic Flaw

On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time e.g., "at least for a few minutes"...

Default credentials

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by...

CVE-2018-10989

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by...

CVE-2018-10990

The CVE-2018-10990 entry affects Arris Touchstone Telephony Gateway TG1682G (version 9.1.103J6). The vulnerability arises because a logout action does not immediately destroy all state related to the validity of the credential cookie, potentially allowing an attacker to retain access for some min...

ARRIS Touchstone TG862G/CT Telephony Gateway Security Mechanism Bypass Vulnerability

The ARRIS Touchstone TG862G/CT Telephony Gateway is an all-in-one Modem modem router from the Arris Group of Companies. A security mechanism bypass vulnerability exists in ARRIS Touchstone TG862G/CT Telephony Gateway 7.6.59S.CT that allows remote attackers to obtain the default password for acces...

Default credentials

ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to homeloggedout.php...

CVE-2014-9406

ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to homeloggedout.php...

CVE-2014-5437

Multiple cross-site request forgery CSRF vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 enable remote management via a request to remotemanagement.php, 2...

Cross site scripting

Cross-site scripting XSS vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computername parameter to connecteddevicescomputersedit.php...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 enable remote management via a request to remotemanagement.php, 2...

CVE-2014-5438

CVE-2014-5438 affects ARRIS Touchstone TG862G/CT Telephony Gateway (firmware 7.6.59S.CT and earlier). The vulnerability is a cross-site scripting (XSS) flaw in connected_devices_computers_edit.php, exploitable via the computer_name parameter. Post-authentication remote vectors are demonstrated wi...

CVE-2014-5437

CVE-2014-5437 affects Arris Touchstone TG862G/CT Telephony Gateway (firmware 7.6.59S.CT and earlier). Reported CSRF vulnerabilities allow remote attackers to hijack administrator authentication to perform admin actions via requests to remote_management.php (enable remote management), port_forward...

CVE-2014-5438

Cross-site scripting XSS vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computername parameter to connecteddevicescomputersedit.php...

Arris Touchstone TG862G/CT Cross Site Request Forgery

----------- Vendor: ----------- Arris Interactive, LLC http://www.arrisi.com/ ISP: Comcast Xfinity ----------------------------------------- Affected Products/Versions: ----------------------------------------- HW: Arris Touchstone TG862G/CT Xfinity branded SW: Version 7.6.59S.CT Tested...