Vulnerabilities > Commscope > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-07 | CVE-2021-33216 | Unspecified vulnerability in Commscope Ruckus IOT Controller 1.7.1.0 An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.8 |
2021-07-07 | CVE-2021-33218 | Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller 1.7.1.0 An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.8 |
2021-07-07 | CVE-2021-33219 | Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller 1.7.1.0 An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.8 |
2021-07-07 | CVE-2021-33221 | Missing Authentication for Critical Function vulnerability in Commscope Ruckus IOT Controller 1.7.1.0 An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. | 9.8 |
2020-10-26 | CVE-2020-26879 | Use of Hard-coded Credentials vulnerability in Commscope Ruckus Vriot 1.5.1.0.21 Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. | 9.8 |
2019-08-29 | CVE-2019-15806 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html. | 9.8 |
2019-08-29 | CVE-2019-15805 | Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301 CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. | 9.8 |
2018-12-23 | CVE-2018-20386 | Insufficiently Protected Credentials vulnerability in Commscope Arris Sbg6580-2 Firmware D30Gwseaeagle1.5.2.5Ga00Nosh ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | 9.8 |
2018-12-23 | CVE-2018-20383 | Insufficiently Protected Credentials vulnerability in multiple products ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | 9.8 |
2017-07-31 | CVE-2017-9521 | The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows remote attackers to execute arbitrary code via a specific (but unstated) exposed service. | 9.8 |