VYPR
Vendor: Arris

Products: 31
CVEs: 57
Across products: 82
Status: Private


Recent CVEs

  • CVE-2024-25729 | High | Mar 8, 2024
    risk 0.57 | cvss 8.8 | epss 0.00

    Arris SBG6580 devices have predictable default WPA2 security passwords that could lead to unauthorized remote access. (They use the first 6 characters of the SSID and the last 6 characters of the BSSID, decrementing the last octet.)

  • CVE-2017-9490 | High | Jul 31, 2017
    risk 0.57 | cvss 8.8 | epss 0.01

    The Comcast firmware on Arris TG1682G (eMTA&DOCSIS version 10.0.132.SIP.PC20.CT, software version TG1682_2.2p7s2_PROD_sey) devices allows configuration changes via CSRF.

  • CVE-2017-14116 | High | Sep 3, 2017
    risk 0.53 | cvss 8.1 | epss 0.03

    The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a…

  • CVE-2017-14115 | High | Sep 3, 2017
    risk 0.53 | cvss 8.1 | epss 0.04

    The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures ssh-permanent-enable WAN SSH logins to the remotessh account with the 5SaP9I26 password, which allows remote attackers to access a "Terminal shell v1.0"…

  • CVE-2017-10793 | High | Sep 3, 2017
    risk 0.53 | cvss 8.1 | epss 0.03

    The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589, NVG599, and unspecified other devices, when IP Passthrough mode is not used, configures an sbdc.ha WAN TCP service on port 61001 with the bdctest account and the bdctest password, which allows remote attackers to obtain…

  • CVE-2018-10990 | High | May 14, 2018
    risk 0.52 | cvss 8.0 | epss 0.01

    On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might make it easier for attackers to obtain access at a later time (e.g., "at least…

  • CVE-2018-17555 | High | Sep 26, 2018
    risk 0.49 | cvss 7.5 | epss 0.02

    The web component on ARRIS TG2492LG-NA 061213 devices allows remote attackers to obtain sensitive information via the /snmpGet oids parameter.

  • CVE-2017-9492 | High | Jul 31, 2017
    risk 0.49 | cvss 7.5 | epss 0.02

    The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a-CMCST); Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST); Cisco DPC3939B (firmware version dpc3939b-v303r204217-150321a-CMCST); Cisco DPC3941T (firmware…

  • CVE-2025-49163 | Medium | Jun 3, 2025
    risk 0.44 | cvss 6.7 | epss 0.00

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow booting an arbitrary image via a crafted /usr/bin/gunzip file.

  • CVE-2024-41643 | Medium | Mar 26, 2025
    risk 0.44 | cvss 6.8 | epss 0.00

    An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary code via the cshell login component.

  • CVE-2018-10989 | Medium | May 14, 2018
    risk 0.43 | cvss 6.6 | epss 0.01

    Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access…

  • CVE-2017-16836 | Medium | Nov 16, 2017
    risk 0.43 | cvss 6.1 | epss 0.02

    Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_managed_services.php service parameter.

  • CVE-2025-49162 | Medium | Jun 3, 2025
    risk 0.42 | cvss 6.4 | epss 0.00

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file overwrite via TFTP because a remote filename with a space character allows an attacker to control the local filename.

  • CVE-2017-14117 | Medium | Sep 3, 2017
    risk 0.42 | cvss 5.9 | epss 0.08

    The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by…

  • CVE-2025-49164 | Medium | Jun 3, 2025
    risk 0.28 | cvss 4.3 | epss 0.00

    Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmware decryption key of cd1c2d78f2cba1f73ca7e697b4a485f49a8a7d0c8b0fdc9f51ced50f2530668a.

  • CVE-2022-31793 | Aug 4, 2022
    risk 0.08 | cvss - | epss 0.11

    do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443,…

  • CVE-2014-8424 | Nov 28, 2014
    risk 0.08 | cvss - | epss 0.60

    ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.

  • CVE-2014-8423 | Nov 28, 2014
    risk 0.08 | cvss - | epss 0.62

    Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.

  • CVE-2022-45701 | Feb 17, 2023
    risk 0.06 | cvss - | epss 0.45

    Arris TG2482A firmware through 9.1.103GEM9 allows Remote Code Execution (RCE) via the ping utility feature.

  • CVE-2014-4863 | Sep 5, 2014
    risk 0.04 | cvss - | epss 0.16

    The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request.