Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9406

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2014-9406
Last Modified 18 Dec 2014 02:44:31
Published 18 Dec 2014 10:59:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9406

Summary

ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier has a default password of password for the admin account, which makes it easier for remote attackers to obtain access via a request to home_loggedout.php.

Vulnerable Systems

Application

  • Arris Touchstone Tg862g%2fct Firmware 7.6.59s.ct


References

FULLDISC - 20141216 CVE-2014-5437: Arris TG862G - Cross-site Request Forgery (CSRF)


Last Updated: 27 May 2016 10:52:00