Remote Credential Exposure in ARRIS VAP2500 Product by ARRIS
CVE-2014-8425

Currently unrated

Key Information:

Vendor

Arris

Status
Vap2500 Firmware
Vendor
CVE Published:
28 November 2014

What is CVE-2014-8425?

The ARRIS VAP2500 management portal prior to firmware version FW08.41 has a security vulnerability that allows remote attackers to access sensitive configuration files. Exploiting this vulnerability can lead to the unintended disclosure of user credentials, potentially compromising the security of the device and its network. It is crucial for users of the affected product to apply the latest firmware updates to mitigate these risks.

References

http://www.zerodayinitiative.com/advisories/ZDI-14-387/
x_refsource_MISC

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.