Vulnerabilities > CVE-2009-5149 - Credentials Management vulnerability in Arris NA Model 862 GW Mono Firmware
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a "password of the day" issue.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 5 | |
Hardware | 3 |
Common Weakness Enumeration (CWE)
References
- http://www.borfast.com/projects/arris-password-of-the-day-generator/
- http://www.borfast.com/projects/arris-password-of-the-day-generator/
- http://www.kb.cert.org/vuls/id/419568
- http://www.kb.cert.org/vuls/id/419568
- https://github.com/borfast/arrispwgen
- https://github.com/borfast/arrispwgen
- https://play.google.com/store/apps/details?id=me.harrygonzalez.arrispod
- https://play.google.com/store/apps/details?id=me.harrygonzalez.arrispod