Vulnerabilities > Commscope
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-15 | CVE-2022-27000 | Command Injection vulnerability in Commscope Arris Tr3300 Firmware 1.0.13 Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. | 9.8 |
| 2022-03-15 | CVE-2022-27001 | Command Injection vulnerability in Commscope Arris Tr3300 Firmware 1.0.13 Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp function via the hostname parameter. | 9.8 |
| 2022-03-15 | CVE-2022-27002 | Command Injection vulnerability in Commscope Arris Tr3300 Firmware 1.0.13 Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns function via the ddns_name, ddns_pwd, h_ddns?ddns_host parameters. | 9.8 |
| 2022-02-15 | CVE-2021-41552 | Command Injection vulnerability in Commscope products CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection. | 5.8 |
| 2021-11-09 | CVE-2021-20119 | Incorrect Authorization vulnerability in Commscope Arris Surfboard Sb8200 Firmware Ab01.02.053.01112320193.0A.Nsh The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password. | 4.9 |
| 2021-10-21 | CVE-2021-20120 | Cross-Site Request Forgery (CSRF) vulnerability in Commscope Arris Surfboard Sb8200 Firmware Ab01.02.053.01112320193.0A.Nsh The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. | 6.8 |
| 2021-07-07 | CVE-2021-33215 | Path Traversal vulnerability in Commscope Ruckus IOT Controller An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 4.0 |
| 2021-07-07 | CVE-2021-33216 | Unspecified vulnerability in Commscope Ruckus IOT Controller An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 7.5 |
| 2021-07-07 | CVE-2021-33217 | Out-of-bounds Write vulnerability in Commscope Ruckus IOT Controller An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.0 |
| 2021-07-07 | CVE-2021-33218 | Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 10.0 |