Vulnerabilities > Commscope > High

DATE CVE VULNERABILITY TITLE RISK
2023-02-17 CVE-2022-45701 Unspecified vulnerability in Commscope products
Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
network
low complexity
commscope
8.8
2021-07-07 CVE-2021-33216 Unspecified vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope
7.5
2021-07-07 CVE-2021-33219 Use of Hard-coded Credentials vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-798
7.5
2021-07-07 CVE-2021-33221 Missing Authentication for Critical Function vulnerability in Commscope Ruckus IOT Controller
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier.
network
low complexity
commscope CWE-306
7.5
2020-03-04 CVE-2020-9476 Inadequate Encryption Strength vulnerability in Commscope Arris Tg1692A Firmware 9.1.103De2
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding.
network
low complexity
commscope CWE-326
7.5
2018-05-14 CVE-2018-10990 Insufficient Session Expiration vulnerability in Commscope Arris Tg1682G Firmware 9.1.103J6
On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time (e.g., "at least for a few minutes").
network
high complexity
commscope CWE-613
8.0
2017-07-31 CVE-2017-9521 The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows remote attackers to execute arbitrary code via a specific (but unstated) exposed service.
network
low complexity
cisco commscope
7.5