CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-5438 – Arris Touchstone TG862G/CT Cross Site Scripting
https://notcve.org/view.php?id=CVE-2014-5438
Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php. Vulnerabilidad de XSS en ARRIS Touchstone TG862G/CT Telephony Gateway con firmware 7.6.59S.CT y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro computer_name en connected_devices_computers_edit.php Arris Touchstone TG862G/CT suffers from a cross site scripting vulnerability. • http://seclists.org/fulldisclosure/2014/Dec/58 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2014-5437 – Arris Touchstone TG862G/CT Cross Site Request Forgery
https://notcve.org/view.php?id=CVE-2014-5437
Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php, (2) add a port forwarding rule via a request to port_forwarding_add.php, (3) change the wireless network to open via a request to wireless_network_configuration_edit.php, or (4) conduct cross-site scripting (XSS) attacks via the keyword parameter to managed_sites_add_keyword.php. Múltiples vulnerabilidades de CSRF en ARRIS Touchstone TG862G/CT Telephony Gateway con firmware 7.6.59S.CT y anteriores permiten a atacantes remotos secuestrar la autenticación de administradores para solicitudes que (1) habilitan la gestión remota a través de una solicitud a remote_management.php, (2) añaden una regla de reenvío de puerto a través de una solicitud a port_forwarding_add.php, (3) cambian la red inalámbrica a abierta a través de una solicitud a wireless_network_configuration_edit.php, o (4) realizar ataques de XSS a través del parámetro keyword en managed_sites_add_keyword.php. Arris Touchstone TG862G/CT suffers from a cross site request forgery vulnerability. • http://seclists.org/fulldisclosure/2014/Dec/57 http://seclists.org/fulldisclosure/2014/Dec/58 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 26%CPEs: 1EXPL: 1CVE-2014-8425 – ARRIS VAP2500 Management Portal Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2014-8425
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files. El portal de gestión en ARRIS VAP2500 anterior a FW08.41 permite a atacantes remotos obtener credenciales mediante la lectura de ficheros de configuración. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ARRIS VAP2500. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of access to the management portal. The issue lies in the failure to restrict access to configuration files. • https://www.exploit-db.com/exploits/35372 http://www.zerodayinitiative.com/advisories/ZDI-14-387 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 40%CPEs: 1EXPL: 2CVE-2014-8423 – ARRIS VAP2500 Management Portal Remote Command Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-8423
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors. Vulnerabilidad no especificada en el portal de gestión en ARRIS VAP2500 anterior a FW08.41 permite a atacantes remotos ejecutar comandos arbitrarios a través de vectores desconocidos. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ARRIS VAP2500. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of access to the management portal. The issue lies in the ability to execute arbitrary commands without any sanitization. • https://www.exploit-db.com/exploits/35372 http://www.zerodayinitiative.com/advisories/ZDI-14-389 http://goto.fail/blog/2014/11/25/at-and-t-u-verse-vap2500-the-passwords-they-do-nothing https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/vap2500_tools_command_exec.rb • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.8EPSS: 87%CPEs: 1EXPL: 2CVE-2014-8424 – ARRIS VAP2500 Management Portal Authentication Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2014-8424
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication. ARRIS VAP2500 anterior a FW08.41 no valida debidamente las contraseñas, lo que permite a atacantes remotos evadir la autenticación. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ARRIS VAP2500. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of user authentication. The issue lies in the failure to compare the password when authenticating. • https://www.exploit-db.com/exploits/35372 http://www.zerodayinitiative.com/advisories/ZDI-14-388 http://goto.fail/blog/2014/11/25/at-and-t-u-verse-vap2500-the-passwords-they-do-nothing https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/http/vap2500_tools_command_exec.rb • CWE-287: Improper Authentication •