PT-2015-7507 · Arris · Arris Tg862G+1
Bernardo Rodrigues
·
Publicado
2015-11-21
·
Atualizado
2015-11-23
·
CVE-2015-7289
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Arris DG860A versions TS0703128 100611 through TS0705125D 031115
Arris TG862A versions TS0703128 100611 through TS0705125D 031115
Arris TG862G versions TS0703128 100611 through TS0705125D 031115
Description
The issue concerns a hardcoded administrator password that can be derived from the device's serial number, making it easier for remote attackers to gain access. This access can be obtained through various interfaces, including the web management interface, SSH, TELNET, or SNMP.
Recommendations
For Arris DG860A versions TS0703128 100611 through TS0705125D 031115, consider changing the administrator password to a strong, unique password as soon as possible.
For Arris TG862A versions TS0703128 100611 through TS0705125D 031115, consider changing the administrator password to a strong, unique password as soon as possible.
For Arris TG862G versions TS0703128 100611 through TS0705125D 031115, consider changing the administrator password to a strong, unique password as soon as possible.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Arris Dg860A
Arris Tg862G