[SECURITY] Fedora 43 Update: nanovna-saver-0.7.3-8.fc43

A multiplatform tool to save Touchstone files from the NanoVNA, sweep frequency spans in segments to gain more than 101 data points, and generally display and analyze the resulting data...

EUVD-2014-5326

Malware in sbrugna...

EUVD-2018-3040

Malware in sbrugna...

EUVD-2014-9227

Malware in sbrugna...

Arris Touchstone TG1672 Credential Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ================================================================================ Title: Arris Touchstone TG1672 Administrative Login Vulnerabilities Product: Arris Touchstone TG1672 Version: TS0901103AS09221616XX.GWSIP most likely other versions...

Arris Touchstone Telephony Gateway TG1682G Privileged Access Vulnerability

The Arris Touchstone Telephony Gateway TG1682G is an all-in-one Modem modem router from the Arris Group of Companies. A security vulnerability exists in the Arris Touchstone Telephony Gateway TG1682G version 9.1.103J6, which stems from a logout operation that fails to immediately clear all state ...

Default credentials

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by...

Design/Logic Flaw

On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time e.g., "at least for a few minutes"...

CVE-2018-10990

The CVE-2018-10990 entry affects Arris Touchstone Telephony Gateway TG1682G (version 9.1.103J6). The vulnerability arises because a logout action does not immediately destroy all state related to the validity of the credential cookie, potentially allowing an attacker to retain access for some min...

CVE-2018-10989

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by...

ARRIS Touchstone TG862G/CT Telephony Gateway Security Mechanism Bypass Vulnerability

The ARRIS Touchstone TG862G/CT Telephony Gateway is an all-in-one Modem modem router from the Arris Group of Companies. A security mechanism bypass vulnerability exists in ARRIS Touchstone TG862G/CT Telephony Gateway 7.6.59S.CT that allows remote attackers to obtain the default password for acces...

Default credentials

ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to homeloggedout.php...

CVE-2014-9406

ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to homeloggedout.php...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 enable remote management via a request to remotemanagement.php, 2...

Cross site scripting

Cross-site scripting XSS vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computername parameter to connecteddevicescomputersedit.php...

CVE-2014-5437

Multiple cross-site request forgery CSRF vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that 1 enable remote management via a request to remotemanagement.php, 2...

CVE-2014-5437

CVE-2014-5437 affects Arris Touchstone TG862G/CT Telephony Gateway (firmware 7.6.59S.CT and earlier). Reported CSRF vulnerabilities allow remote attackers to hijack administrator authentication to perform admin actions via requests to remote_management.php (enable remote management), port_forward...

CVE-2014-5438

CVE-2014-5438 affects ARRIS Touchstone TG862G/CT Telephony Gateway (firmware 7.6.59S.CT and earlier). The vulnerability is a cross-site scripting (XSS) flaw in connected_devices_computers_edit.php, exploitable via the computer_name parameter. Post-authentication remote vectors are demonstrated wi...

CVE-2014-5438

Cross-site scripting XSS vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computername parameter to connecteddevicescomputersedit.php...

Arris Touchstone TG862G/CT Cross Site Request Forgery

----------- Vendor: ----------- Arris Interactive, LLC http://www.arrisi.com/ ISP: Comcast Xfinity ----------------------------------------- Affected Products/Versions: ----------------------------------------- HW: Arris Touchstone TG862G/CT Xfinity branded SW: Version 7.6.59S.CT Tested...