Arris

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-5438 1Arris 1Touchstone Tg862g/ct Firmware May 6, 2026 Dec 17, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name...Show more Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php.Show less
CVE-2014-5437 1Arris 1Touchstone Tg862g/ct Firmware May 6, 2026 Dec 17, 2014 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for re...Show more Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php, (2) add a port forwarding rule via a request to port_forwarding_add.php, (3) change the wireless network to open via a request to wireless_network_configuration_edit.php, or (4) conduct cross-site scripting (XSS) attacks via the keyword parameter to managed_sites_add_keyword.php.Show less
CVE-2014-8425 1Arris 1Vap2500 Firmware May 6, 2026 Nov 28, 2014 N/A· v4 N/A· v3 7.8 HIGH· v2 The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.
CVE-2014-8424 1Arris 1Vap2500 Firmware May 6, 2026 Nov 28, 2014 N/A· v4 N/A· v3 7.8 HIGH· v2 ARRIS VAP2500 before FW08.41 does not properly validate passwords, which allows remote attackers to bypass authentication.
CVE-2014-8423 1Arris 1Vap2500 Firmware May 6, 2026 Nov 28, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2014-4863 1Arris 2Touchstone Dg950a Touchstone Dg950a Software May 6, 2026 Sep 5, 2014 N/A· v4 N/A· v3 5.0 MEDIUM· v2 The Arris Touchstone DG950A cable modem with software 7.10.131 has an SNMP community of public, which allows remote attackers to obtain sensitive password, key, and SSID information via an SNMP request.
CVE-2007-2796 1Arris 1Cadant C3 Cmts Apr 23, 2026 Jun 12, 2007 N/A· v4 N/A· v3 7.8 HIGH· v2 Arris Cadant C3 CMTS allows remote attackers to cause a denial of service (service termination) via a malformed IP packet with an invalid IP option.

Previous 12