← Back

Arris Surfboard Sb8200 Firmware

arris_surfboard_sb8200_firmware

Vendor: Commscope • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-20119
1Commscope
1Arris Surfboard Sb8200 Firmware
Nov 21, 2024
Nov 9, 2021
N/A· v4
7.1 HIGH· v3
4.9 MEDIUM· v2
The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password.
CVE-2021-20120
1Commscope
1Arris Surfboard Sb8200 Firmware
Nov 21, 2024
Oct 21, 2021
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes (such as changing the adminis...Show more
The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes (such as changing the administrative password) without the consent of the user.Show less