PT-2015-3464 · Arris · Arris Tg862G+1
Published
2015-11-21
·
Updated
2015-11-23
·
CVE-2009-5149
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Arris DG860A versions TS0703128 100611 through TS0705125D 031115
Arris TG862A versions TS0703128 100611 through TS0705125D 031115
Arris TG862G versions TS0703128 100611 through TS0705125D 031115
Description
The issue is related to a "password of the day" problem, where the technician passwords for the devices are predictable. This predictability makes it easier for remote attackers to obtain access to the devices via the web management interface.
Recommendations
For Arris DG860A versions TS0703128 100611 through TS0705125D 031115, consider changing the default technician password to a unique and strong password to prevent unauthorized access.
For Arris TG862A versions TS0703128 100611 through TS0705125D 031115, consider changing the default technician password to a unique and strong password to prevent unauthorized access.
For Arris TG862G versions TS0703128 100611 through TS0705125D 031115, consider changing the default technician password to a unique and strong password to prevent unauthorized access.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arris Dg860A
Arris Tg862G