VAP2500
by Arris
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-8424 | 0.07 | — | 0.54 | Nov 28, 2014 | ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication. | |||
| CVE-2014-8423 | 0.06 | — | 0.42 | Nov 28, 2014 | Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors. | |||
| CVE-2014-8425 | 0.04 | — | 0.12 | Nov 28, 2014 | The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files. | |||
| CVE-2024-5196 | 0.00 | — | 0.00 | May 22, 2024 | A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The… | |||
| CVE-2024-5195 | 0.00 | — | 0.00 | May 22, 2024 | A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The… | |||
| CVE-2024-5194 | 0.00 | — | 0.01 | May 22, 2024 | A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The… |
- CVE-2014-8424Nov 28, 2014risk 0.07cvss —epss 0.54
ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
- CVE-2014-8423Nov 28, 2014risk 0.06cvss —epss 0.42
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
- CVE-2014-8425Nov 28, 2014risk 0.04cvss —epss 0.12
The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
- CVE-2024-5196May 22, 2024risk 0.00cvss —epss 0.00
A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an unknown part of the file /tools_command.php. The manipulation of the argument cmb_header/txt_command leads to command injection. It is possible to initiate the attack remotely. The…
- CVE-2024-5195May 22, 2024risk 0.00cvss —epss 0.00
A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file /diag_s.php. The manipulation of the argument customer_info leads to command injection. The attack may be launched remotely. The…
- CVE-2024-5194May 22, 2024risk 0.00cvss —epss 0.01
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assoc_table.php. The manipulation of the argument id leads to command injection. The attack can be launched remotely. The…