3 matches found
CVE-2022-26999
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip settings function via the wanipstat, wanmaskstat, wangwstat, and wandns1stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...
PT-2022-18171 · Arris · Arris Tr3300
Name of the Vulnerable Software and Affected Versions: Arris TR3300 version 1.0.13 Description: A command injection issue was found in the pptp function, accessible through the wan pptp.html endpoint, via the pptp fix ip, pptp fix mask, pptp fix gw, and wan dns1 stat parameters. This allows...
ARRIS TR3300 命令注入漏洞
The ARRIS TR3300 is an 802.11ac Wi-Fi router from ARRIS, Inc. A command injection vulnerability exists in the ARRIS TR3300, which stems from the failure of the wanipstat, wanmaskstat, wangwstat, and wandns1stat parameters in the ip function to properly filter the construct command special...