Filtered by vendor Commscope
Subscribe
Total
48 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-33220 | 1 Commscope | 1 Ruckus Iot Controller | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist. | |||||
CVE-2021-33215 | 1 Commscope | 1 Ruckus Iot Controller | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal. | |||||
CVE-2021-33216 | 1 Commscope | 1 Ruckus Iot Controller | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. An Undocumented Backdoor exists, allowing shell access via a developer account. | |||||
CVE-2020-26878 | 1 Commscope | 2 Ruckus Iot Module, Ruckus Vriot | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py. | |||||
CVE-2020-26879 | 1 Commscope | 2 Ruckus Iot Module, Ruckus Vriot | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header. | |||||
CVE-2020-7983 | 1 Commscope | 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware | 2024-02-28 | 5.8 MEDIUM | 8.1 HIGH |
A CSRF issue in login.asp on Ruckus R500 3.4.2.0.384 devices allows remote attackers to access the panel or conduct SSRF attacks. | |||||
CVE-2020-8830 | 1 Commscope | 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen. | |||||
CVE-2020-8033 | 1 Commscope | 2 Ruckus Zoneflex R500, Ruckus Zoneflex R500 Firmware | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Ruckus R500 3.4.2.0.384 devices allow XSS via the index.asp Device Name field. | |||||
CVE-2020-9476 | 1 Commscope | 2 Arris Tg1692a, Arris Tg1692a Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding. | |||||
CVE-2019-15805 | 1 Commscope | 2 Tr4400, Tr4400 Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/login.html. Any user connected to the Wi-Fi can exploit this. | |||||
CVE-2019-15806 | 1 Commscope | 2 Tr4400, Tr4400 Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301 are vulnerable to an authentication bypass to the administrative interface because they include the current base64 encoded password within http://192.168.1.1/basic_sett.html. Any user connected to the Wi-Fi can exploit this. | |||||
CVE-2018-20383 | 2 Arris, Commscope | 4 Dg950s Firmware, Arris Dg950a, Arris Dg950a Firmware and 1 more | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | |||||
CVE-2018-17555 | 1 Commscope | 2 Arris Tg2492lg-na, Arris Tg2492lg-na Firmware | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
The web component on ARRIS TG2492LG-NA 061213 devices allows remote attackers to obtain sensitive information via the /snmpGet oids parameter. | |||||
CVE-2018-20386 | 1 Commscope | 2 Arris Sbg6580-2, Arris Sbg6580-2 Firmware | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | |||||
CVE-2018-10989 | 1 Commscope | 2 Arris Tg1682g, Arris Tg1682g Firmware | 2024-02-28 | 3.5 LOW | 6.6 MEDIUM |
Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by leveraging access to the local network. NOTE: one or more user's guides distributed by ISPs state "At a minimum, you should set a login password." | |||||
CVE-2018-10990 | 1 Commscope | 2 Arris Tg1682g, Arris Tg1682g Firmware | 2024-02-28 | 7.5 HIGH | 8.0 HIGH |
On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time (e.g., "at least for a few minutes"). NOTE: there is no documentation stating that the web UI's logout feature was supposed to do anything beyond removing the cookie from one instance of a web browser; a client-side logout action is often not intended to address cases where a person has made a copy of a cookie outside of a browser. | |||||
CVE-2017-9490 | 3 Arris, Cisco, Commscope | 4 Tg1682g Firmware, Dpc3939b, Dpc3939b Firmware and 1 more | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF. | |||||
CVE-2017-14116 | 2 Att, Commscope | 2 U-verse Firmware, Arris Nvg599 | 2024-02-28 | 9.3 HIGH | 8.1 HIGH |
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 and then installing new software, such as BusyBox with "nc -l" support. | |||||
CVE-2017-16836 | 1 Commscope | 2 Arris Tg1682g, Arris Tg1682g Firmware | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter. | |||||
CVE-2017-9491 | 2 Cisco, Commscope | 8 Dpc3939, Dpc3939 Firmware, Dpc3939b and 5 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware version DPC3941_2.5s3_PROD_sey); and Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices does not set the secure flag for cookies in an https session to an administration application, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session. |