The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01 followed by other predictable values.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100585 | Third Party Advisory VDB Entry |
https://threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/ | Third Party Advisory |
https://www.nomotion.net/blog/sharknatto/ | Exploit Mitigation Technical Description Third Party Advisory |
http://www.securityfocus.com/bid/100585 | Third Party Advisory VDB Entry |
https://threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/ | Third Party Advisory |
https://www.nomotion.net/blog/sharknatto/ | Exploit Mitigation Technical Description Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:12
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/100585 - Third Party Advisory, VDB Entry | |
References | () https://threatpost.com/bugs-in-arris-modems-distributed-by-att-vulnerable-to-trivial-attacks/127753/ - Third Party Advisory | |
References | () https://www.nomotion.net/blog/sharknatto/ - Exploit, Mitigation, Technical Description, Third Party Advisory |
Information
Published : 2017-09-03 19:29
Updated : 2024-11-21 03:12
NVD link : CVE-2017-14117
Mitre link : CVE-2017-14117
CVE.ORG link : CVE-2017-14117
JSON object : View
Products Affected
commscope
- arris_nvg599
- arris_nvg589
att
- u-verse_firmware
CWE
CWE-287
Improper Authentication