Vulnerabilities > Arris > Vap2500 Firmware

DATE CVE VULNERABILITY TITLE RISK
2014-11-28 CVE-2014-8425 Information Exposure vulnerability in Arris Vap2500 Firmware 08.41
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
network
low complexity
arris CWE-200
7.8
7.8
2014-11-28 CVE-2014-8424 Improper Authentication vulnerability in Arris Vap2500 Firmware 08.41
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
network
low complexity
arris CWE-287
7.8
7.8
2014-11-28 CVE-2014-8423 Injection vulnerability in Arris Vap2500 Firmware 08.41
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
network
low complexity
arris CWE-74
critical
 10.0
10