ID
VAR-201709-1242
TITLE
Arris Modems hard-coded backdoor vulnerability (CNVD-2017-24359)
Trust: 0.6
sources:
CNVD: CNVD-2017-24359
DESCRIPTION
Arris Modems is a modem produced by telecommunications equipment manufacturer Arris, a network access device customized for AT&T home users. Arris Modems has a hard-coded backdoor vulnerability. The Arris modem has a built-in web server. The attacker can access the background management panel by using the "tech/empty" account password through port 49955.
Trust: 0.6
sources:
CNVD: CNVD-2017-24359
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2017-24359
AFFECTED PRODUCTS
| vendor: | arris | model: | nvg589 | scope: | - | version: | - | Trust: 0.6 |
| vendor: | arris | model: | nvg599 | scope: | - | version: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2017-24359
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
CNVD: CNVD-2017-24359
PATCH
| title: | Patch for Arris Modems hard-coded backdoor vulnerability (CNVD-2017-24359) | url: | https://www.cnvd.org.cn/patchinfo/show/101381 | Trust: 0.6 |
sources:
CNVD: CNVD-2017-24359
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2017-24359 | Trust: 0.6 |
sources:
CNVD: CNVD-2017-24359
REFERENCES
| url: | https://www.bleepingcomputer.com/news/security/three-hardcoded-backdoor-accounts-discovered-in-arris-modems/ | Trust: 0.6 |
sources:
CNVD: CNVD-2017-24359
SOURCES
| db: | CNVD | id: | CNVD-2017-24359 |
LAST UPDATE DATE
2022-05-04T09:34:04.710000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2017-24359 | date: | 2020-03-10T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2017-24359 | date: | 2017-09-01T00:00:00 |