Sign-up

ID

VAR-201405-0557


TITLE

ARRIS SURFboard SBG6580 Series Wi-Fi Cale Modem Gateway Information Disclosure Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-03175

DESCRIPTION

ARRIS SURFboard SBG6580 Series Wi-Fi Cable Modem is a Wi-Fi cable modem. ARRIS SURFboard SBG6580 Series Wi-Fi Cable Modem has an information disclosure vulnerability that allows an attacker to exploit a vulnerability to obtain user interface authentication credentials and wireless network key values through a simple SNMP request. Arris SURFboard SBG6580 is a wireless gateway product from the American Arris Group. An information disclosure vulnerability exists in ARRIS SURFboard SBG6580. An attacker could use this vulnerability to obtain sensitive information. Vulnerabilities in ARRIS SURFboard 6.5.0.0-GA-00-226-NOSH version, other versions may also be affected. This may result in further attacks

Trust: 1.35

sources: CNVD: CNVD-2014-03175 // CNNVD: CNNVD-201405-331 // BID: 67466

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2014-03175

AFFECTED PRODUCTS

vendor:arrismodel:surfboard sbg6580 series wi-fi cable modem 6.5.0.0-ga-00-226-noshscope: - version: -

Trust: 0.6

vendor:arrismodel:group sbg6580 6.5.0.0-ga-00-226-noscope: - version: -

Trust: 0.3

sources: CNVD: CNVD-2014-03175 // BID: 67466

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2014-03175
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2014-03175
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2014-03175

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201405-331

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201405-331

EXTERNAL IDS

db:BIDid:67466

Trust: 1.5

db:SECUNIAid:58569

Trust: 0.6

db:CNVDid:CNVD-2014-03175

Trust: 0.6

db:CNNVDid:CNNVD-201405-331

Trust: 0.6

sources: CNVD: CNVD-2014-03175 // BID: 67466 // CNNVD: CNNVD-201405-331

REFERENCES

url:http://secunia.com/advisories/58569/

Trust: 0.6

url:http://www.securityfocus.com/bid/67466

Trust: 0.6

url:http://moto.arrisi.com/products/product.asp?id=928

Trust: 0.3

sources: CNVD: CNVD-2014-03175 // BID: 67466 // CNNVD: CNNVD-201405-331

CREDITS

Matthew Kienow

Trust: 0.9

sources: BID: 67466 // CNNVD: CNNVD-201405-331

SOURCES

db:CNVDid:CNVD-2014-03175
db:BIDid:67466
db:CNNVDid:CNNVD-201405-331

LAST UPDATE DATE

2022-05-17T02:09:04.824000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2014-03175date:2014-05-22T00:00:00
db:BIDid:67466date:2014-05-17T00:00:00
db:CNNVDid:CNNVD-201405-331date:2014-05-22T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2014-03175date:2014-05-22T00:00:00
db:BIDid:67466date:2014-05-17T00:00:00
db:CNNVDid:CNNVD-201405-331date:2014-05-22T00:00:00