Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ArrisNa Model 862 Gw Mono Firmwarets070593c 073013

4 matches found

CVE
CVEadded 2015/11/21 11:59 a.m.48 views

CVE-2015-7289

Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP.

9.3CVSS7.2AI score0.00468EPSS
CVE
CVEadded 2015/11/21 11:59 a.m.48 views

CVE-2015-7290

Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTML via the pwd parameter.

4.3CVSS6.1AI score0.00645EPSS
CVE
CVEadded 2015/11/21 11:59 a.m.41 views

CVE-2009-5149

Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a "password of the day" issue.

4.3CVSS7AI score0.02271EPSS
CVE
CVEadded 2015/11/21 11:59 a.m.38 views

CVE-2015-7291

Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to hijack the authentication of arbitrary users.

6.8CVSS7.7AI score0.00104EPSS