CVE-2018-10989

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by leveraging access to the local network. NOTE: one or more user's guides distributed by ISPs state "At a minimum, you should set a login password."
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:commscope:arris_tg1682g_firmware:9.1.103j6:*:*:*:*:*:*:*
cpe:2.3:h:commscope:arris_tg1682g:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:42

Type Values Removed Values Added
References () https://medium.com/%40AkshaySharmaUS/comcast-arris-touchstone-gateway-devices-are-vulnerable-heres-the-disclosure-7d603aa9342c - () https://medium.com/%40AkshaySharmaUS/comcast-arris-touchstone-gateway-devices-are-vulnerable-heres-the-disclosure-7d603aa9342c -

13 Sep 2021, 11:32

Type Values Removed Values Added
CPE cpe:2.3:o:arris:tg1682g_firmware:9.1.103j6:*:*:*:*:*:*:*
cpe:2.3:h:arris:tg1682g:-:*:*:*:*:*:*:*
cpe:2.3:h:commscope:arris_tg1682g:-:*:*:*:*:*:*:*
cpe:2.3:o:commscope:arris_tg1682g_firmware:9.1.103j6:*:*:*:*:*:*:*

Information

Published : 2018-05-14 14:29

Updated : 2024-11-21 03:42


NVD link : CVE-2018-10989

Mitre link : CVE-2018-10989

CVE.ORG link : CVE-2018-10989


JSON object : View

Products Affected

commscope

  • arris_tg1682g_firmware
  • arris_tg1682g
CWE
CWE-1188

Insecure Default Initialization of Resource