PT-2023-1630 · Arris · Arris TG2482A +2
Published: 2023-02-15 · Updated: 2025-03-18
CVE-2022-45701
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Arris TG2482A versions 9.1.103GEM9 and earlier
Arris TG2492 (affected versions not specified)
Arris SBG10 (affected versions not specified)
Description
The firmware of the affected Arris routers contains errors in the processing of input data. By sending a specially crafted request, a remote attacker may be able to execute arbitrary code. The vulnerability can be exploited via the ping utility feature.
Recommendations
For Arris TG2482A versions 9.1.103GEM9 and earlier, update the firmware to a version that contains a fix for this issue.
For Arris TG2492 and Arris SBG10, there is currently no information about a newer version that contains a fix for this issue.
As a temporary workaround, consider disabling the ping utility feature until a patch is available.
Exploit
Fix
RCE
Command Injection
Affected Products
Arris SBG10
Arris TG2482A
Arris TG2492