22 matches found
EUVD-2017-5627
Malware in sbrugna...
EUVD-2017-5628
Malware in sbrugna...
EUVD-2017-2438
Malware in sbrugna...
Arris NVG589 and NVG599 AT&T U-verse Authentication Vulnerabilities
The Arris NVG589 and NVG599 are both router products from the Arris Group of Companies in the U.S. The AT&T U-verse is the firmware used in... A security vulnerability exists in the AT&T U-verse version 9.2.2h0d83 in the Arris NVG589 and NVG599. A remote attacker could exploit this vulnerability ...
Arris NVG589 and NVG599 AT&T U-verse Information Disclosure Vulnerabilities
The Arris NVG589 and NVG599 are both router products from the Arris Group of Companies in the U.S. The AT&T U-verse is the firmware used in... A security vulnerability exists in the AT&T U-verse version 9.2.2h0d83 in the Arris NVG589 and NVG599. A remote attacker could exploit the vulnerability t...
CVE-2017-14117
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...
CVE-2017-14116
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 an...
Code injection
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01...
Design/Logic Flaw
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and unspecified other devices, when IP Passthrough mode is not used, configures an sbdc.ha WAN TCP service on port 61001 with the bdctest account and the bdctest password, which allows remote attackers to obtain sensitive...
CVE-2017-10793
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and unspecified other devices, when IP Passthrough mode is not used, configures an sbdc.ha WAN TCP service on port 61001 with the bdctest account and the bdctest password, which allows remote attackers to obtain sensitive...
CVE-2017-14115
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote attackers to access a "Terminal shell v1.0" service, and...
Design/Logic Flaw
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote attackers to access a "Terminal shell v1.0" service, and...
Code injection
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 an...
CVE-2017-14115
The CVE-2017-14115 entry concerns AT&T U-verse firmware 9.2.2h0d83 on Arris NVG589/NVG599. The flaw arises when IP Passthrough is not used, configuring ssh-permanent-enable WAN SSH logins for the remotessh account with password 5SaP9I26. An attacker establishing an SSH session can trigger a Termi...
CVE-2017-10793
The CVE-2017-10793 entry concerns AT&T U-verse firmware 9.2.2h0d83 on Arris NVG589/NVG599 (and related devices). The issue arises when IP Passthrough is not used, where an sbdc.ha WAN TCP service on port 61001 is configured with bdctest credentials, enabling remote attackers to retrieve sensitive...
CVE-2017-14117
The CVE-2017-14117 vulnerability affects AT&T U-verse firmware 9.2.2h0d83 on Arris NVG589/NVG599 when IP Passthrough is not used. It configures an unauthenticated proxy service on WAN TCP port 49152, allowing remote attackers to establish arbitrary TCP connections to intranet hosts by sending the...