Vulnerability Description
ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Commscope | Arris Tg1692A Firmware | 9.1.103de2 |
| Commscope | Arris Tg1692A | - |
Related Weaknesses (CWE)
References
- https://arris.secure.force.com/consumers/ConsumerProductSupportVendor Advisory
- https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9476-494a08298c6b
- https://arris.secure.force.com/consumers/ConsumerProductSupportVendor Advisory
- https://medium.com/%40rsantos_14778/info-disclosure-cve-2020-9476-494a08298c6b
FAQ
What is CVE-2020-9476?
CVE-2020-9476 is a vulnerability with a CVSS score of 7.5 (HIGH). ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding.
How severe is CVE-2020-9476?
CVE-2020-9476 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9476?
Check the references section above for vendor advisories and patch information. Affected products include: Commscope Arris Tg1692A Firmware, Commscope Arris Tg1692A.