The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/855836 | US Government Resource |
https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: certcc
Published: 2014-09-05T17:00:00
Updated: 2014-09-05T17:57:00
Reserved: 2014-07-10T00:00:00
Link: CVE-2014-4863
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-09-05T17:55:06.953
Modified: 2014-09-08T17:11:09.140
Link: CVE-2014-4863
JSON object: View
Redhat Information
No data.
CWE