VYPR

VIP1113

by Arris

CVEs (3)

  • CVE-2025-49163MedJun 3, 2025
    risk 0.44cvss 6.7epss 0.00

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow booting an arbitrary image via a crafted /usr/bin/gunzip file.

  • CVE-2025-49162MedJun 3, 2025
    risk 0.42cvss 6.4epss 0.00

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename.

  • CVE-2025-49164MedJun 3, 2025
    risk 0.28cvss 4.3epss 0.00

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of cd1c2d78f2cba1f73ca7e697b4a485f49a8a7d0c8b0fdc9f51ced50f2530668a.