Shodan
Vulnerabilities
Vulnerable Software
Commscope:  Security Vulnerabilities
CVE-2022-26995
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp (wan_pptp.html) function via the pptp_fix_ip, pptp_fix_mask, pptp_fix_gw, and wan_dns1_stat parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
CVSS Score
9.8
EPSS Score
0.138
Published
2022-03-15
CVE-2021-41552
CommScope SURFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection.
CVSS Score
8.8
EPSS Score
0.013
Published
2022-02-15
CVE-2021-20119
The password change utility for the Arris SurfBoard SB8200 can have safety measures bypassed that allow any logged-in user to change the administrator password.
CVSS Score
7.1
EPSS Score
0.001
Published
2021-11-09
CVE-2021-20120
The administration web interface for the Arris Surfboard SB8200 lacks any protections against cross-site request forgery attacks. This means that an attacker could make configuration changes (such as changing the administrative password) without the consent of the user.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-10-21
CVE-2021-33217
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The Web Application allows Arbitrary Read/Write actions by authenticated users. The API allows an HTTP POST of arbitrary content into any file on the filesystem as root.
CVSS Score
8.8
EPSS Score
0.008
Published
2021-07-07
CVE-2021-33218
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded System Passwords that provide shell access.
CVSS Score
9.8
EPSS Score
0.013
Published
2021-07-07
CVE-2021-33219
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Hard-coded Web Application Administrator Passwords for the admin and nplus1user accounts.
CVSS Score
9.8
EPSS Score
0.007
Published
2021-07-07
CVE-2021-33220
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. Hard-coded API Keys exist.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-07-07
CVE-2021-33221
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are Unauthenticated API Endpoints.
CVSS Score
9.8
EPSS Score
0.933
Published
2021-07-07
CVE-2021-33215
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. The API allows Directory Traversal.
CVSS Score
4.3
EPSS Score
0.001
Published
2021-07-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved