Vulnerabilities > Arris > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-11 | CVE-2023-40039 | Unspecified vulnerability in Arris Tg1672G Firmware, Tg852G Firmware and Tg862G Firmware An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. | 9.8 |
2022-03-15 | CVE-2022-26990 | OS Command Injection vulnerability in Arris products Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the firewall-local log function via the EmailAddress, SmtpServerName, SmtpUsername, and SmtpPassword parameters. | 9.8 |
2022-03-15 | CVE-2022-26991 | OS Command Injection vulnerability in Arris products Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. | 9.8 |
2022-03-15 | CVE-2022-26992 | OS Command Injection vulnerability in Arris products Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. | 9.8 |
2022-03-15 | CVE-2022-26993 | OS Command Injection vulnerability in Arris products Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoe_Service parameters. | 9.8 |
2022-03-15 | CVE-2022-26994 | OS Command Injection vulnerability in Arris products Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pptp function via the pptpUserName and pptpPassword parameters. | 9.8 |
2018-12-23 | CVE-2018-20383 | Insufficiently Protected Credentials vulnerability in multiple products ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | 9.8 |