PT-2014-8994 · Arris · Arris Touchstone Tg862G/Ct Telephony Gateway

Published

2014-12-18

Updated

2014-12-18

CVE-2014-9406

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ARRIS Touchstone TG862G/CT Telephony Gateway versions 7.6.59S.CT and earlier

Description The issue allows remote attackers to obtain access more easily due to a default password for the admin account. This can be exploited via a request to "home loggedout.php".

Recommendations For ARRIS Touchstone TG862G/CT Telephony Gateway versions 7.6.59S.CT and earlier, change the default admin password to a strong, unique password to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2014-9406

Affected Products

Arris Touchstone Tg862G/Ct Telephony Gateway

PT-2014-8994 · Arris · Arris Touchstone Tg862G/Ct Telephony Gateway

CVE-2014-9406

Weakness Enumeration

Related Identifiers

Affected Products

References · 2