Bernardo Rodrigues

**Nome do software vulnerável e versões afetadas** Versões do plugin Simple File List para WordPress até a versão 3.2.7, inclusive **Descrição** A vulnerabilidade permite que invasores não autenticados baixem arquivos arbitrários devido à falta de controles no parâmetro `eeFile`, localizado no arquivo ~/includes/ee-downloader.php. Isso permite que os invasores forneçam um caminho para um arquivo que será baixado posteriormente. **Recomendações** Para versões até e incluindo a 3.2.7, atualize para uma versão que inclua os controles necessários para o parâmetro `eeFile`, a fim de impedir downloads arbitrários de arquivos. Como solução temporária, considere restringir o acesso ao arquivo ~/includes/ee-downloader.php até que um patch esteja disponível.

**Name of the Vulnerable Software and Affected Versions** Arris DG860A versions TS0703128 100611 through TS0705125D 031115 Arris TG862A versions TS0703128 100611 through TS0705125D 031115 Arris TG862G versions TS0703128 100611 through TS0705125D 031115 **Description** The issue concerns a hardcoded administrator password that can be derived from the device's serial number, making it easier for remote attackers to gain access. This access can be obtained through various interfaces, including the web management interface, SSH, TELNET, or SNMP. **Recommendations** For Arris DG860A versions TS0703128 100611 through TS0705125D 031115, consider changing the administrator password to a strong, unique password as soon as possible. For Arris TG862A versions TS0703128 100611 through TS0705125D 031115, consider changing the administrator password to a strong, unique password as soon as possible. For Arris TG862G versions TS0703128 100611 through TS0705125D 031115, consider changing the administrator password to a strong, unique password as soon as possible.

**Name of the Vulnerable Software and Affected Versions** Arris DG860A versions TS0703128 100611 through TS0705125D 031115 Arris TG862A versions TS0703128 100611 through TS0705125D 031115 Arris TG862G versions TS0703128 100611 through TS0705125D 031115 **Description** A cross-site scripting (XSS) issue exists in the web management interface of the affected devices, allowing remote attackers to inject arbitrary web script or HTML via the `pwd` parameter. This could potentially lead to unauthorized access or control of the device. **Recommendations** For Arris DG860A versions TS0703128 100611 through TS0705125D 031115, avoid using the `pwd` parameter in the affected API endpoint until the issue is resolved. For Arris TG862A versions TS0703128 100611 through TS0705125D 031115, avoid using the `pwd` parameter in the affected API endpoint until the issue is resolved. For Arris TG862G versions TS0703128 100611 through TS0705125D 031115, avoid using the `pwd` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Arris DG860A versions TS0703128 100611 through TS0705125D 031115 Arris TG862A versions TS0703128 100611 through TS0705125D 031115 Arris TG862G versions TS0703128 100611 through TS0705125D 031115 **Description** A cross-site request forgery (CSRF) issue exists in the `adv pwd cgi` component of the web management interface, allowing remote attackers to hijack the authentication of arbitrary users. **Recommendations** For Arris DG860A versions TS0703128 100611 through TS0705125D 031115, consider disabling access to the `adv pwd cgi` component in the web management interface until a fix is available. For Arris TG862A versions TS0703128 100611 through TS0705125D 031115, consider disabling access to the `adv pwd cgi` component in the web management interface until a fix is available. For Arris TG862G versions TS0703128 100611 through TS0705125D 031115, consider disabling access to the `adv pwd cgi` component in the web management interface until a fix is available.