Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0.1 connection, which might allow remote attackers to bypass intended access restrictions by leveraging access to the local network. NOTE: one or more user's guides distributed by ISPs state "At a minimum, you should set a login password."
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 03:42
Type | Values Removed | Values Added |
---|---|---|
References | () https://medium.com/%40AkshaySharmaUS/comcast-arris-touchstone-gateway-devices-are-vulnerable-heres-the-disclosure-7d603aa9342c - |
13 Sep 2021, 11:32
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:arris:tg1682g:-:*:*:*:*:*:*:* |
cpe:2.3:h:commscope:arris_tg1682g:-:*:*:*:*:*:*:* cpe:2.3:o:commscope:arris_tg1682g_firmware:9.1.103j6:*:*:*:*:*:*:* |
Information
Published : 2018-05-14 14:29
Updated : 2024-11-21 03:42
NVD link : CVE-2018-10989
Mitre link : CVE-2018-10989
CVE.ORG link : CVE-2018-10989
JSON object : View
Products Affected
commscope
- arris_tg1682g_firmware
- arris_tg1682g
CWE
CWE-1188
Insecure Default Initialization of Resource