Medium severity5.9NVD Advisory· Published Sep 3, 2017· Updated May 13, 2026

CVE-2017-14117

Description

The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01 followed by other predictable values.

Affected products

Att/U Verse Firmware
cpe:2.3:o:att:u-verse_firmware:9.2.2h0d83:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.nomotion.net/blog/sharknatto/nvdExploitMitigationTechnical DescriptionThird Party Advisory
www.securityfocus.com/bid/100585nvdThird Party AdvisoryVDB Entry
threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.384
epss	0.026
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000