Vulnerabilities > Commscope > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-07-07 CVE-2021-33216 Unspecified vulnerability in Commscope Ruckus IOT Controller 1.7.1.0
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope
critical
9.8
2021-07-07 CVE-2021-33218 Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller 1.7.1.0
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-798
critical
9.8
2021-07-07 CVE-2021-33219 Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller 1.7.1.0
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-798
critical
9.8
2021-07-07 CVE-2021-33221 Missing Authentication for Critical Function vulnerability in Commscope Ruckus IOT Controller 1.7.1.0
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-306
critical
9.8
2020-10-26 CVE-2020-26879 Use of Hard-coded Credentials vulnerability in Commscope Ruckus Vriot 1.5.1.0.21
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py.
network
low complexity
commscope CWE-798
critical
9.8
2019-08-29 CVE-2019-15806 Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301
CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html.
network
low complexity
commscope CWE-326
critical
9.8
2019-08-29 CVE-2019-15805 Inadequate Encryption Strength vulnerability in Commscope Tr4400 Firmware A1.00.004180301
CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html.
network
low complexity
commscope CWE-326
critical
9.8
2018-12-23 CVE-2018-20386 Insufficiently Protected Credentials vulnerability in Commscope Arris Sbg6580-2 Firmware D30Gwseaeagle1.5.2.5Ga00Nosh
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
commscope CWE-522
critical
9.8
2018-12-23 CVE-2018-20383 Insufficiently Protected Credentials vulnerability in multiple products
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
network
low complexity
commscope arris CWE-522
critical
9.8
2017-07-31 CVE-2017-9521 The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows remote attackers to execute arbitrary code via a specific (but unstated) exposed service.
network
low complexity
cisco commscope
critical
9.8