Medium severity5.9NVD Advisory· Published Sep 3, 2017· Updated Jun 17, 2026
CVE-2017-14117
CVE-2017-14117
Description
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01 followed by other predictable values.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- cpe:2.3:o:att:u-verse_firmware:9.2.2h0d83:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- www.nomotion.net/blog/sharknatto/nvdExploitMitigationTechnical DescriptionThird Party Advisory
- www.securityfocus.com/bid/100585nvdThird Party AdvisoryVDB Entry
- threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.