CVE-2015-7291
- EPSS 0.1%
- Veröffentlicht 21.11.2015 11:59:19
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to hijack the authentication o...
CVE-2015-7290
- EPSS 0.65%
- Veröffentlicht 21.11.2015 11:59:18
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows remote attackers to inject arbitrary web script or HTM...
CVE-2015-7289
- EPSS 0.47%
- Veröffentlicht 21.11.2015 11:59:16
- Zuletzt bearbeitet 12.04.2025 10:46:40
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management...
CVE-2009-5149
- EPSS 3.64%
- Veröffentlicht 21.11.2015 11:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have predictable technician passwords, which makes it easier for remote attackers to obtain access via the web management interface, related to a "passw...