CVE-2014-4863 – Arris DG950A Cable Modem Wifi Enumeration
https://notcve.org/view.php?id=CVE-2014-4863
The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request. El módem de cable Arris Touchstone DG950A con software 7.10.131 tiene una comunidad de público SNMP, lo que permite a atacantes remotos obtener información sensible de contraseñas, claves y SSID a través de una solicitud SNMP. • http://www.kb.cert.org/vuls/id/855836 https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863 https://www.rapid7.com/blog/post/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2007-2796 – Arris Cadant C3 CMTS Remote DoS Vulnerability
https://notcve.org/view.php?id=CVE-2007-2796
Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option. Arris Cadant C3 CMTS permite a atacantes remotos provocar una denegación de servicio (terminación del servicio) mediante un paquete IP mal formado con una opción IP inválida. This vulnerability allows remote attackers to cause a denial of service on vulnerable Arris Cadant C3 CMTS systems. Authentication is not required to exploit this vulnerability. The flaw exists due to mishandling of IP options. When an unknown or bad option is specified, the C3 will terminate disabling all service that is handled by that CMTS. • http://osvdb.org/37233 http://secunia.com/advisories/25611 http://www.securityfocus.com/archive/1/471195/100/0/threaded http://www.securityfocus.com/bid/24430 http://www.securitytracker.com/id?1018220 http://www.vupen.com/english/advisories/2007/2162 http://www.zerodayinitiative.com/advisories/ZDI-07-036.html https://exchange.xforce.ibmcloud.com/vulnerabilities/34822 •